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Introduction 


This lab manual is designed as a practical supplement to the concepts taught in the 
CCNA mapped Routing and Switching course at Zoom Technologies India Pvt. Ltd. 

We have included lab exercises on all the topics covered in the CCNA mapped 
course. The lab manual has been revamped and redesigned to make it very easy 
for the student to easily work out the task. We have also added a challenge lab at 
the end, to give the student a feel of the practical aspects of the CCNA exam. 

Each of the exercises is divided into the five sections: 

1. Objective 

2. Topology 

3. Tasks 

4. Configuration 

5. Verification 


The lab manual leads the students from the basic initial configuration of a router to 
advanced topics like inter-vlan routing, OSPF- multi area configuration, EIGRP fine 
tuning, password recovery, etc. 

We hope that this lab manual would be helpful to the students in solidifying their 
foundation in WAN networking. Any feedback or suggestions to improve this would 
be gratefully accepted. 
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EXERCISE 1: BINARY TO DECIMAL CONVERSION 
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EXERCISE 2: DECIMAL TO BINARY CONVERSION 
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EXERCISE 3: ADDRESS CLASS IDENTIFICATION 


ADDRESS 

CLASS 

126.10.1.1 


128.10.1.1 


162.78.1.10 


39.255.255.255 


220.1.1.10 
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EXERCISE 4: NETWORK AND HOST IDENTIFICATION BASED ON 

CLASS OF ADDRESS 


CIRCLE THE NETWORK PORTION 

OF BELOW ADDRESSES 

CIRCLE THE HOST PORTION 

OF BELOW ADDRESSES 

132.12.1.1 

161.43.5.6 

128.10.1.1 

13.1.100.254 

176.13.10.10 

202.153.32.121 

162.78.1.10 

100.140.2.230 

200.1.1.1 

171.24.100.10 
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EXERCISE 5: DEFAULT SUBNET MASK 


ADDRESS 

CLASS 

126.10.1.1 


128.10.1.1 


162.78.1.10 


52.255.255.255 


220.1.1.10 
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EXERCISE 6: NETWORK ADDRESS 

USING THE IP ADDRESS AND SUBNET MASK SHOWN, WRITE THE NETWORK ADDRESS 


IP ADDRESS AND SUBNET MASK 

NETWORK ADDRESS 

121.12.1.1 


255.0.0.0 


175.13.10.10 


255.255.0.0 


200.1.10.1 


255.255.255.0 


119.0.255.20 


255.0.0.0 


191.168.1.10 


255.255.0.0 
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EXERCISE 7: BROADCAST ADDRESS 

USING THE IP ADDRESS AND SUBNET MASK SHOWN, WRITE THE BROADCAST ADDRESS 


IP ADDRESS AND SUBNET MASK 

BROADCAST ADDRESS 

161.43.5.6 


255.255.0.0 


13.1.100.254 


255.0.0.0 


202.153.32.121 


255.255.255.0 


100.140.2.230 


255.0.0.0 


171.24.100.10 


255.255.0.0 
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EXERCISE 8: CISCO SLASH NOTATION 


SLASH NOTATION 

SUBNET MASK 

/29 


/ 22 


/12 


/25 


/18 
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EXERCISE 9: CUSTOM SUBNET MASK (SUBNETTING) 


PROBLEM : 1 

Number of needed subnets 

14 

Network Address 

200.10.10.0 

Address class 


Default subnet mask 


Custom subnet mask 


Total number of subnets 


Total number of host addresses 


Number of usable addresses 


Number of bits borrowed from the host 
portion 
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PROBLEM : 2 

Number of needed usable hosts 

60 

Network Address 

171.10.0.0 

Address class 


Default subnet mask 


Custom subnet mask 


Total number of subnets 


Total number of host addresses 


Number of usable addresses 


Number of bits borrowed from the host 
portion 
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PROBLEM : 3 

Network Address 

138.25.0.0/26 

Address class 


Default subnet mask 


Custom subnet mask 


Total number of subnets 


Total number of host addresses 


Number of usable addresses 


Number of bits borrowed from the host 
portion 
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PROBLEM : 4 

Number of needed subnets 

2000 

Network Address 

111.0.0.0 

Address class 


Default subnet mask 


Custom subnet mask 


Total number of subnets 


Total number of host addresses 


Number of usable addresses 


Number of bits borrowed from the host 
portion 
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PROBLEM : 5 

Number of needed usable hosts 

1000 

Network Address 

165.34.0.0 

Address class 


Default subnet mask 


Custom subnet mask 


Total number of subnets 


Total number of host addresses 


Number of usable addresses 


Number of bits borrowed from the host 
portion 
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PROBLEM : 6 

Network Address 

192.100.1.0/29 

Address class 


Default subnet mask 


Custom subnet mask 


Total number of subnets 


Total number of host addresses 


Number of usable addresses 


Number of bits borrowed from the host 
portion 
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EXERCISE 10: VARIABLE LENGTH SUBNET MASK (VLSM) 


PROBLEM: 1 

The administrator gave the networking team 192.168.1.0/24 to use for addressing the entire 
network. After subnetting the address, the team is ready to assign the addresses 


192.168.1.0/24 



120 Hosts 


60 Hosts 


20 Hosts 
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PROBLEM: 2 

The administrator gave the networking team 192.168.164.0/24 to use for addressing the entire 
network. After subnetting the address, the team is ready to assign the addresses. The administrator 
plans to configure ip subnet-zero and use RIP v2 as the routing protocol. As a member of the 
networking team, you must address the network and at the same time conserve unused addresses 
for future growth. 
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LAB 1: INITIAL CONFIGURATION OF ROUTER 


OBJECTIVE: 


To get familiarized with Cisco IOS modes and configure a new Router with basic configuration i.e. 
assign IP address on the interfaces and configure passwords etc. 


TOPOLOGY: 

Setup Console and Ethernet connectivity for the lab as below : 

Console 
>* 

x 

G0/0 s 

10 . 0 . 0 . 1/8 

\ 
I 
I 
I 
/ 

/ 

/ 

✓ 

✓ 


Computer IP Address 
10.0.0.10 




TASK: 

• Establish console connectivity 

• Access router via console with an emulation software 

• Get to know Cisco IOS Modes and Show commands 

• Configure Hostname and Interface IP address 

• Configure Connectivity Passwords 

• Configure Privilege Mode / Enable Password 

• Verify configuration in RAM and NVRAM 

• Saving configuration to the router 

• Access the router via Telnet 
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Establish console connectivity 
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Establish console connectivity by connecting Router console port to PC Com Port with console cable 
as shown in the picture below: 



Rollover RJ-45 lo DB-9 
Cable Converter 


Access router via console with an emulation software 


Configure the following parameters in emulation software for accessing router via console port. 


Parameters 

Console Port Settings 

Baud 

9600 


Data bits 8 


Parity 

None 

Stop bits 

1 
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Accessing router via console from Microsoft Windows Computer 

• Start a terminal emulator application, such as PUTTY.exe 

• Select Serial option and set speed to 9600. 

• Click Open 



• Once emulation software is ready, Power-ON the Router. 


Accessing router via console from Linux Computer 

• From the terminal enter the below command 

# minicom -s 



LJ ^ * If | jyj *»<«•« 4 ww - i [<*] Sm M IS* Q 
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• Select Serial port Setup and press enter 



' ■■■*" •* '■“* j pyj ®»>j I5:?D 

• It will display default COM Port Settings. 
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Specify COM Port where console cable is connected. 



fcj -V * • l E '■■■■ • ■ •* a | j tn«a "t 15:33 


Change the Bps Setting to 9600. 


|Co«i» Paraneters] 


+ 


A 

Serial | 

Current: 

9666 8N1 


B 

- Lockfile ij 




C 

Callin pj 

Speed 

Parity 

Data 

D 

Callout pj 




E 

Bps/Pa rj 

A: 366 

L: None 

S: 5 

F 

- Hardware Fj 

B: 1266 

M: Even 

T: 6 

G 

* Software F| 

C: 2466 

II: Odd 

U: 7 


1 

D: 4866 

0: Mark 

V: 8 


Change whie| 

E: 9666 

P: Space 


••• 


F: 19268 


Stopbits 


| Screen j 

G. 38468 


W: 1 


j Save sj 

H: 57669 


X: 2 


| Save sj 

I: 115290 

0: 8-N-l 



1 Exit 1 

J: 236460 

R: 7-E-l 



| Exit t| 





1 

Choice, or 

<Enter> to exit? | 



fcj - -V 
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• Change the Hardware Flow Control option to No. 



y -v - «' 1 ~~i» — t2M » 

• Select Save Setup as dfl option. 



EJ *• -V -t IS:3H 
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• Exit the Minicom 



• Once emulation software is ready, Power-ON the Router. 

Get to know Cisco IQS Modes and Show commands 

After the Router boots-up completely, (on a new Cisco Router) it enters setup mode as below: 

System Configuration Dialog 

Would you like to enter the initial configuration dialog? [Yes/no]: no 
Would you like to terminate autoinstall? [yes]: yes 

If you choose "Yes", IOS will prompt questions to gather the information to configure the Router, it 
is recommended to choose "no", since we can configure the Router using IOS commands 

Router > 

To navigate into Privilege mode/Executive Mode from User Mode and Vice-Versa 

Router>enable 
Router # 

Router# disable 
Router > 
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To view router IOS and hardware information 
Router # show version 

Cisco IOS Software, 2800 Software (C2800NM-ADVENTERPRISEK9-M), Version 15.1(3)T2, RELEASE 
SOFTWARE (fcl) 

Technical Support: http://www.cisco.com/techsupport 
Copyright (c) 1986-2011 by Cisco Systems, Inc. 

Compiled Wed 10-Aug-ll 05:17 by prod_rel_team 


ROM: System Bootstrap, Version 12.3(8r)T7, RELEASE SOFTWARE (fcl) 

Router uptime is 49 minutes 
System returned to ROM by power-on 

System image file is M flash:c2800nm-adventerprisek9-mz.l51-3.T2.bin" 

Last reload type: Normal Reload 

This product contains cryptographic features and is subject to United 
States and local country laws governing import, export, transfer and 
use. Delivery of Cisco cryptographic products does not imply 
third-party authority to import, export, distribute or use encryption. 

Importers, exporters, distributors and users are responsible for 
compliance with U.S. and local country laws. By using this product you 
agree to comply with applicable laws and regulations. If you are unable 
to comply with U.S. and local laws, return this product immediately. 

A summary of U.S. laws governing Cisco cryptographic products may be found at: 
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html 

If you require further assistance please contact us by sending email to 
export@cisco.com. 

Cisco 2821 (revision 53.51) with 249856K/12288K bytes of memory. 

Processor board ID FTX0939A2PM 
2 Gigabit Ethernet interfaces 
2 Serial(sync/async) interfaces 
1 Virtual Private Network (VPN) Module 
DRAM configuration is 64 bits wide with parity enabled. 

239K bytes of non-volatile configuration memory. 

125184K bytes of ATA CompactFlash (Read/Write) 

License Info: 

License UDI: 


Device# PID SN 


*0 CISC02821 FTX0939A2PM 


Configuration register is 0x2102 
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To view router flash Information 

Router # show flash 

-#- --length date/time path 

1 66537232 May 2 2014 08:40:18 +00:00 c2800nm-adventerprisek9-mz.l51-3.T2.bin 


61376512 bytes available (66541568 bytes used) 


To view router current configuration (RAM) 

Router # show running-config 

Building configuration... 

Current configuration : 1000 bytes 
! 

version 15.1 

service timestamps debug datetime msec 
service timestamps log datetime msec 
no service password-encryption 
! 

hostname Router 
! 

boot-start-marker 

boot-end-marker 

! 

no aaa new-model 
! 

dotll syslog 
ip source-route 
! 

ip cef 
! 

no ipv6 cef 
! 

multilink bundle-name authenticated 
! 

voice-card 0 
! 

crypto pki token default removal timeout 0 
! 

license udi pid CISC02821 sn FTX0939A2PM 
! 

redundancy 

! 

interface GigabitEthernet0/0 

no ip address 

shutdown 

duplex auto 

speed auto 

! 

interface GigabitEthernetO/1 
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no ip address 
shutdown 
duplex auto 
speed auto 

! 

interface Serial0/0/0 
no ip address 
shutdown 
clock rate 2000000 

! 

interface Serial0/0/l 
no ip address 
shutdown 

! 

ip forward-protocol nd 
no ip http server 
no ip http secure-server 
! 

logging esm config 
! 

control-plane 

! 

mgcp profile default 
! 

line con 0 
line aux 0 
line vty 0 4 
login 

transport input all 
! 

scheduler allocate 20000 1000 
end 


To view router startup configuration (NVRAM) 
Router# show startup-config 
startup-config is not present 

To navigate into Global Configuration Mode 

Router # configure terminal 
Router (config) # 


Configure Hostname and Interface IP address 


To change the Host Name of Router 

Router (config) # hostname R1 
R1 (config) # 
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To configure IP address on Ethernet Interface (LAN interface) 

R1 (config) # interface Gigabitethernet 0/0 
R1 (config-if) # ip address 10.0.0.1 255.0.0.0 

R1 (config-if) # no shutdown 
R1 (config-if) #exit 


Configure Connectivity Passwords 


To configure telnet password 

R1 (config) # line vty 0 4 
R1 (config-line) # password zoom 
R1 (config-line) #login 
R1 (config-line) #exit 

To configure console password 

R1 (config) # line console 0 
R1 (config-line) # password ccna 
R1 (config-line) #login 
R1 (config-line) # exit 

To configure auxiliary password 

R1 (config) # line aux 0 
R1 (config-line) # password cisco 
R1 (config-line) # login 
R1 (config-line) # exit 

Configure Privilege Mode / Enable Password 


Configure privilege password 

R1 (config) #enable password ccna 
R1 (config) #enable secret zoom 

Verify configuration in RAM and NVRAM 


To View Router Current Configuration (RAM) 

Rl# show running-config 

Building configuration... 

Current configuration : 1197 bytes 
! 

! Last configuration change at 14:07:57 UTC Fri Jul 17 2015 
! 

version 15.1 

service timestamps debug datetime msec 
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service timestamps log datetime msec 
no service password-encryption 
! 

hostname R1 
! 

boot-start-marker 

boot-end-marker 

! 

enable secret 5 $l$c3y7$lmD5cmfnVAxSyns0r4dMx0 
enable password ccna 
! 

no aaa new-model 
! 

dotll syslog 
ip source-route 
! 

ip cef 
! 

no ipv6 cef 
! 

multilink bundle-name authenticated 
! 

voice-card 0 
! 

crypto pki token default removal timeout 0 
! 

license udi pid CISC02821 sn FTX0939A2PM 
! 

redundancy 

! 

interface GigabitEthernetO/O 
ip address 10.0.0.1 255.0.0.0 
duplex auto 
speed auto 

! 

interface GigabitEthernetO/1 

no ip address 

shutdown 

duplex auto 

speed auto 

! 

interface Serial0/0/0 
no ip address 
shutdown 
clock rate 2000000 

! 

interface Serial0/0/l 
no ip address 
shutdown 

! 

ip forward-protocol nd 
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no ip http server 
no ip http secure-server 
! 

logging esm config 
! 

control-plane 

! 

mgcp profile default 
! 

line con 0 
password ccna 
login 

line aux 0 
password cisco 
login 

line vty 0 4 
password zoom 
login 

transport input all 

! 

scheduler allocate 20000 1000 
end 

To View Router Startup Configuration (NVRAM) 

R1 # show startup-config 
startup-config is not present 

Saving configuration to the router 

To save configuration on router 

R1 # copy running-config startup-config 

Destination filename [startup-config]? 

Building configuration... 

[OK] 

Rl# 

To view router startup configuration (NVRAM) 

Rl # show startup-config 

Using 1197 out of 245752 bytes 
! 

I Last configuration change at 14:07:57 UTC Fri Jul 17 2015 
! 

version 15.1 

service timestamps debug datetime msec 
service timestamps log datetime msec 
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no service password-encryption 
! 

hostname R1 
! 

boot-start-marker 

boot-end-marker 

! 

enable secret 5 $l$c3y7$lmD5cmfnVAxSyns0r4dMx0 
enable password ccna 
! 

no aaa new-model 
! 

dotll syslog 
ip source-route 

ip cef 


no ipv6 cef 
! 

multilink bundle-name authenticated 
! 

crypto pki token default removal timeout 0 
! 

license udi pid CISC02821 sn FTX0939A2PM 
! 

interface GigabitEthernetO/O 
ip address 10.0.0.1 255.0.0.0 
duplex auto 
speed auto 

! 

interface GigabitEthernetO/1 

no ip address 

shutdown 

duplex auto 

speed auto 

! 

interface Serial0/0/0 
no ip address 
shutdown 
clock rate 2000000 

! 

interface Serial0/0/l 
no ip address 
shutdown 

! 

ip forward-protocol nd 

no ip http server 

no ip http secure-server 
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| 

logging esm config 
! 

control-plane 

! 

mgcp profile default 
! 

line con 0 
password ccna 
login 
line aux 0 
password cisco 
login 

line vty 0 4 
password zoom 
login 

transport input all 
! 

scheduler allocate 20000 1000 
end 

Access the router via Telnet 

• Accessing router via telnet by giving below command on a Windows or Linux computer. 

telnet 10.0.0.1 



* - — - -* H: II 
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LAB 2: ENHANCING ROUTER SECURITY 


OBJECTIVE: 

To enhance router security by encrypting all passwords , configure banners, exec-timeouts, 
username and password security and enabling SSH access on router. 


TOPOLOGY: 

Setup Ethernet connectivity for the lab as below : 



G0/0 

10.0.0.1/8 



Computer IP Address 
10 . 0 . 0.10 

Pre-requisite: Initial configuration to be done on the router (LAB - 1) 

TASKS: 

• Access router via Telnet 

• Encrypt all clear text passwords on the router. 

• Configure Warning Banner and Idle-timeout on Router 

• Configure unattended session timeout for VTY access 

• Configure Enhanced Username Password Security on Routers 

• Configure the SSH Server on Router 
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Access router via Telnet 

• Access router via telnet by giving below command on a Windows or Linux computer. 

telnet 10.0.0.1 



Encrypt all clear text passwords on the router 

Verify router's existing configuration 

All password are in clear text except enable secret password 

R1 # sh running-config 

Building configuration... 

Current configuration : 1221 bytes 
! 

! Last configuration change at 18:22:59 UTC Mon Jul 20 2015 by zoom 
! 

version 15.1 

service timestamps debug datetime msec 
service timestamps log datetime msec 
no service password-encryption 
! 

hostname R1 
! 

boot-start-marker 

boot-end-marker 


! 

enable secret 5 $l$Eo2F$oKXKSAmJK5Tyq3uYmP8ln. 
enable password ccna 
! 

no aaa new-model 


! 

dotll syslog 
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ip source-route 
! 

interface GigabitEthernetO/O 
ip address 10.0.0.1 255.0.0.0 
duplex auto 
speed auto 

! 

interface GigabitEthernetO/1 

no ip address 

shutdown 

duplex auto 

speed auto 

! 

interface Serial 0/0/0 
no ip address 
shutdown 

! 

interface Serial0/0/l 
no ip address 
shutdown 

! 

ip forward-protocol nd 
no ip http server 
no ip http secure-server 
! 

logging esm config 
! 

control-plane 

! 

mgcp profile default 
! 

line con 0 
password ccna 
login 

line aux 0 
password cisco 
login 

line vty 0 4 
exec-timeout 0 0 
password zoom 
login 

transport input all 
! 

scheduler allocate 20000 1000 
end 

Rl# 
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Encrypt all clear text passwords 
R1 (config) # service password-encryption 

Verification: 


Now previously visible passwords are encrypted 

R1 # sh running-config 

Building configuration... 

Current configuration : 1221 bytes 
! 

! Last configuration change at 18:22:59 UTC Mon Jul 20 2015 by zoom 
! 

version 15.1 

service timestamps debug datetime msec 
service timestamps log datetime msec 
no service password-encryption 
! 

hostname R1 
! 

boot-start-marker 

boot-end-marker 

! 

enable secret 5 $l$Eo2F$oKXKSAmJK5Tyq3uYmP8ln. 
enable password 7 0508050120 
! 

no aaa new-model 
! 

dotll syslog 
ip source-route 
! 

interface GigabitEthernet0/0 
ip address 10.0.0.1 255.0.0.0 
duplex auto 
speed auto 

! 

interface GigabitEthernetO/1 

no ip address 

shutdown 

duplex auto 

speed auto 

! 

interface Serial0/0/0 
no ip address 
shutdown 

! 

interface Serial0/0/l 
no ip address 
shutdown 

! 
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ip forward-protocol nd 
no ip http server 
no ip http secure-server 
! 

logging esm config 
! 

control-plane 

! 

mgcp profile default 
! 

line con 0 

password 7 08224F4008 

login 

line aux 0 

password 7 1511021F0725 
login 

line vty 0 4 
exec-timeout 0 0 
password 7 12030A181F 
login 

transport input all 
! 

scheduler allocate 20000 1000 
end 

Rl# 

Configure Warning Banner and Idle-timeout on Routers 

Configure a warning message to display prior to login. 

Rl (config) # banner motd $ 

Enter TEXT message. End with the character 


UNAUTHORISED ACCESS STRICTLY PROHIBITED AND PROSECUTED 
TO THE FULL EXTENT OF THE LAW 

===============================================================$ 
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Now open a new telnet session from your computer to the router to verify the banner configured, 
i.e. telnet 10.0.0.1 



fcj — c 5 ■* mvtrn ........ Ma-Inw.d> **•*»••• u« I i Ok. “• IT: '8 


Configure unattended session timeout for VTY access 

By default unattended session time-out is 10 minutes. We reducing the unattended session timeout 
to 1 minute 00 seconds. 


R1 (config) # line vty 0 4 
R1 (config-line) # exec-timeout 1 00 

Verification: 

Now open a new telnet session from your computer to the router (get into privilege mode) and 
leave the session open without performing any action or modification for 1 minute. Session will be 
automatically disconnected after the session time-out has been reached. 
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Shell (Console <2> 


- # 

- # 

# ssh -l zoom 10.0.0.1 
The authenticity of host '10.0.0.1 (10.0.0.1)' can't be established. 

RSA key fingerprint is Id : 3b: 15: 64 : 86: 56: 7c: 2b: cd : b3 : lc: 84: 47: 4e: f0:72 . 
Are you sure you want to continue connecting (yes/no)? yes 
Warning: Permanently added '10.0.0.1' (RSA) to the list of known hosts. 
Password : 


UNAUTHORISED ACCESS STRICTLY PROHIBITED AND PROSECUTED 
TO THE FULL EXTENT OF THE LAW 





I Shell Konsolt 


I Shell Konaole < 2 * 


-Ejiik' Konqueroc 
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Configure Enhanced Username Password Security on Routers 


Configure a new user with password 
Rl(config)# username zoom password cisco 


Enabling userwise access for VTY session 

Rl(config)# line vty 0 4 
Rl(config-line)# login local 


Verification : 

Now open a new telnet session from your computer to the router and try to login using already 
configured user. 

i.e. telnet 10.0.0.1 



jbt - * telnet 10.0 0.1 
Trying 10.0 0.1... 
Connected to 10.0.0.1. 
Escape character Is *'1' 


UNAUTHORISED ACCESS STRICTLY PROHIBITED AND PROSECUTED 
TO THE FULL EXTENT OF THE LAW 


User Access Verification 

Usernaae. zoom 
Password : 

Rl> 

ni> 

'ris| 


0 Af> ; rnmm-mmrn* 1^1 30 k. Ilifl 
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Configure the SSH Server on Router 


Configure a domain name 

R1 (config) # ip domain-name zoom.com 


Configure the vty lines. 

R1 (config) # line vty 0 4 
R1 (config-line) # login local 
R1 (config-line) # transport input ssh 
R1 (config-line) # exit 

Generate the RSA encryption key pair for the router 

Rl(config)# crypto key generate rsa 
The name for the keys will be: Rl.zoom.com 

Choose the size of the key modulus in the range of 360 to 2048 for your 

General Purpose Keys. Choosing a key modulus greater than 512 may take a few minutes. 

How many bits in the modulus [512]: 1024 
% Generating 1024 bit RSA keys, keys will be non-exportable... 

[OK] (elapsed time was 3 seconds) 

Rl(config)# 

Verification: 

Now open a new telnet session from your computer to the router, you will not able to access router 
via telnet. 

Verify SSH access to R1 from computer by giving below command : 

ssh -I zoom 10.0.0.1 
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Ml# KmhIi «2> 


bt - * 
bt - # 

tot - # ssh -X zooi» 10.0.0.1 

:The authenticity of host '10.0.0.1 (10.0.0.1)' can't be established. 
RSA Key fingerprint is Id : 3b: 15: 64:86: 56: 7c : 2b: cd : b3 : lc: 84 : 47:4e: fO: 72. 
jAre you sure you want to continue connecting (yes/no)? yes 
|Warning: Permanently added '10.0.0.1' (RSA) to the list of Known hosts. 
Password: 


UNAUTHORISED ACCESS STRICTLY PROHIBITED AND PROSECUTED 
TO THE FULL EXTENT OF THE LAW 


|R1> 

Rl>Connectlon to 10.0.0.1 closed by remote host 
onnection to 10.0.0.1 closed, 
bt - # 

t - » 
t - * 
t - * 
t - 9 
t - # 
bt - # 
t - # 
bt - # 
bt - # 
bt - # 
bt - * 




back I track 


y * v ■ « 


4 Ml# K— n il 


Deiinn Ccmjurrrr 
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LAB 3: WAN INTERFACE CONFIGURATION 


OBJECTIVE: 

To configure and troubleshoot a Serial Interface. 


TOPOLOGY: 


Setup Ethernet and Serial connectivity for the lab as below 


so/i 


eo/o 


so/o 


F0/0 


Switch 


Switch 



Interface 


EO/O 

SO/O 

SO/1 


□ 


IP Address / Mask 


192.168.2.1/24 

172.16.0. 1/16 

172.18.0. 2/16 




Switch 



10 . 0 . 0 . 1/8 

172.17.0. 1/16 

172.16.0. 2/16 


Interface 


FO/O 

SO/O 

SO/1 


III! 


IP Address / Mask 


192.168.3.1/24 

172.18.0.1/16 

172.17.02/16 


TASK: 

• Identify Serial Interface as DCE or DTE 

• Configure Serial Interface 

• Verify Serial Interface Configuration 

• Troubleshooting Serial Interface 
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Identify Serial Interface as DCE or DTE 


Example - R2 


Identify DCE / DTE interface on R2 

R2 # show controllers serial 0/0/0 
Interface Seria 10/0/0 
Hardware is GT96K 
DCE V.35, clock rate 2000000 

idb at 0x497698FC, driver data structure at 0x49770EAC 
wicjnfo 0x497714D8 
Physical Port 1, SCC Num 1 
! 

<output omitted> 


R2 # show controllers serial 0/0/1 
Interface Serial0/0/l 
Hardware is GT96K 

DTE V.35idb at 0x497739F0, driver data structure at 0x4977BlE4 
wicjnfo 0x4977B810 
Physical Port 0, SCC Num 0 
! 

<output omitted> 

! 

Verify Serial Interface existing status 
R2 # show interface serial 0/0/0 

Serial0/0/0 is administratively down, line protocol is down 
Hardware is GT96K Serial 

MTU 1500 bytes, BW 1544 Kbit/sec, DLY 20000 usee, 
reliability 255/255, txload 1/255, rxload 1/255 
Encapsulation HDLC, loopback not set 
Keepalive set (10 sec) 

! 

coutput omitted> 

! 

R2 # show interface serial 0/0/1 

Serial0/0/l is administratively down, line protocol is down 
Hardware is GT96K Serial 

MTU 1500 bytes, BW 1544 Kbit/sec, DLY 20000 usee, 
reliability 255/255, txload 1/255, rxload 1/255 
Encapsulation HDLC, loopback not set 
Keepalive set (10 sec) 

! 

<output omitted> 

! 
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Verify R2's existing configuration 

R2 # show running-config 

Building configuration... 

Current configuration : 1210 bytes 
hostname R2 
! 

coutput omitted> 

! 

interface GigabitEthernetO/O 
ip address 10.0.0.1 255.0.0.0 
duplex auto 
speed auto 

! 

interface GigabitEthernetO/1 

no ip address 

shutdown 

duplex auto 

speed auto 

! 

interface Serial0/0/0 
no ip address 
shutdown 

! 

interface Serial0/0/l 
no ip address 
shutdown 

! 

<output omitted> 

! 

end 
R2 # 


Repeat the above commands on R1 and R3 routers. 


Configure Serial Interface 

R1 - Configuration 
R1 # configure terminal 

Enter configuration commands, one per line. End with CNTL/Z. 

R1 (config)# interface serial 0/0 

R1 (config-if)# ip address 172.16.0.1 255.255.0.0 

R1 (config-if)# no shutdown 

R1 (config-if)# clock rate 64000 

R1 (config-if)# encapsulation hdlc 

R1 (config-if)# exit 

R1 (config)# 
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R1 (config)# interface serial 0/1 

R1 (config-if)# ip address 172.18.0.2 255.255.0.0 

R1 (config-if)# no shutdown 

R1 (config-if)# encapsulation hdlc 

R1 (config-if)# exit 

R1 (config)# exit 


R2- Configuration 
R2 # configure terminal 

Enter configuration commands, one per line. End with CNTL/Z. 

R2 (config)# interface serial 0/0/0 

R2 (config-if)# ip address 172.17.0.1 255.255.0.0 

R2 (config-if)# no shutdown 

R2 (config-if)# clock rate 64000 

R2 (config-if)# encapsulation hdlc 

R2 (config-if)# exit 

R2 (config)# 

R2 (config)# interface serial 0/0/1 

R2 (config-if)# ip address 172.16.0.2 255.255.0.0 

R2 (config-if)# no shutdown 

R2 (config-if)# encapsulation hdlc 

R2 (config-if)# exit 

R2 (config)# exit 


R3 - Configuration 
R3 # configure terminal 

Enter configuration commands, one per line. End with CNTL/Z. 

R3 (config)# interface serial 0/0 

R3 (config-if)# ip address 172.18.0.1 255.255.0.0 

R3 (config-if)# no shutdown 

R3 (config-if)# clock rate 64000 

R3 (config-if)# encapsulation hdlc 

R3 (config-if)# exit 

R3 (config)# 

R3 (config)# interface serial 0/1 

R3 (config-if)# ip address 172.17.0.2 255.255.0.0 

R3 (config-if)# no shutdown 

R3 (config-if)# encapsulation hdlc 

R3 (config-if)# exit 

R3 (config)# exit 
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Verify Serial Interface Configuration 


R1 - Verification 

R1 # show interface serial 0/0 
Serial0/0 is up, line protocol is up 
Hardware is PowerQUICC Serial 
Internet address is 172.16.0.1/16 
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usee, 
reliability 255/255, txload 1/255, rxload 1/255 
Encapsulation HDLC, loopback not set 
Keepalive set (10 sec) 

! 

<output omitted> 

! 

Rl# show interface serial 0/1 
Serial0/1 is up, line protocol is up 
Hardware is PowerQUICC Serial 
Internet address is 172.18.0.2/16 
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usee, 
reliability 255/255, txload 1/255, rxload 1/255 
Encapsulation HDLC, loopback not set 
Keepalive set (10 sec) 

! 

<output omitted> 

! 

R2 - Verification : 

R2 # show interface serial 0/0/0 
Serial0/0/0 is up, line protocol is up 
Hardware is GT96K Serial 
Internet address is 172.17.0.1/16 
MTU 1500 bytes, BW 1544 Kbit/sec, DLY 20000 usee, 
reliability 255/255, txload 1/255, rxload 1/255 
Encapsulation HDLC, loopback not set 
Keepalive set (10 sec) 

! 

coutput omitted> 

! 

R2 # show interface serial 0/0/1 
Serial0/0/l is up, line protocol is up 
Hardware is GT96K Serial 
Internet address is 172.16.0.2/16 
MTU 1500 bytes, BW 1544 Kbit/sec, DLY 20000 usee, 
reliability 255/255, txload 1/255, rxload 1/255 
Encapsulation HDLC, loopback not set 
Keepalive set (10 sec) 

! 
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<output omitted> 

R3 - Verification : 

R3 # show interface serial 0/0 
Serial0/0 is up, line protocol is up 
Hardware is PowerQUICC Serial 
Internet address is 172.18.0.1/16 
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usee, 
reliability 255/255, txload 1/255, rxload 1/255 
Encapsulation HDLC, loopback not set 
Keepalive set (10 sec) 

! 

<output omitted> 

! 

R3 # show interface serial 0/1 
Serial0/1 is up, line protocol is up 
Hardware is PowerQUICC Serial 
Internet address is 172.17.0.2/16 
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usee, 
reliability 255/255, txload 1/255, rxload 1/255 
Encapsulation HDLC, loopback not set 
Keepalive set (10 sec) 

! 

coutput omitted> 

! 

Troubleshooting Serial Interface 


From the output, the first line indicates the status of the Serial interface. There are 4 possible states: 

1. Serial 0/0 is up , line protocol is up 

Layer 1 and Layer 2 Connectivity and configuration is fine 

2. Serial 0/0 is administratively down, line protocol is down 

'No Shutdown' has to be given on the local Router's Serial interface 

3. Serial 0/0 is up, line protocol is down 

Encapsulation mismatch or clock rate has not been given on the DCE interface or Lease Line 
problem 

4. Serial 0/0 is down, line protocol is down 

Problem with the v.35 cable, CSU/DSU or 'no shutdown' has not been given on the remote 
Router 
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LAB 4: STATIC ROUTING 


OBJECTIVE: 

To configure Static Routing for enabling communication between different networks connected to 
different routers. To set up static routes on Rl, R2, R3 to connect to each other's local networks. 


TOPOLOGY: 

Setup Ethernet and Serial connectivity for the lab as below 


so/i 


so/o 



Interface 


E0/0 

SO/0 

SO/1 


IP Address / Mask 


192.168.2.1/24 

172.16.0. 1/16 

172.18.0. 2/16 


Switch 



Interface 


G0/0 

SO/O/O 

SO/O/1 


IP Address / Mask 


10 . 0 . 0 . 1/8 

172.17.0. 1/16 

172.16.0. 2/16 


Minin 


Interface 


F0/0 

SO/O 

SO/1 


IP Address / Mask 


192.168.3.1/24 

172.18.0.1/16 

172.17.02/16 


Pre-requisite: WAN Interface configuration to be done on the router (LAB - 3) 


TASK: 


Enabling IPv4 Routing 
Verify Routing Table 
Configure Static Routing 
Verify Static Routing 

Verify communication between the networks. 
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Enabling IPv4 Routing 


Rl- Configuration 
R1 # configure terminal 

Enter configuration commands, one per line. End with CNTL/Z. 
Rl (config) # ip routing 
Rl (config) # 


R2- Configuration 
R2 # configure terminal 

Enter configuration commands, one per line. End with CNTL/Z. 

R2 (config) # ip routing 
R2 (config) # 

R3 - Configuration 
R3 # configure terminal 

Enter configuration commands, one per line. End with CNTL/Z. 

R3 (config) # ip routing 
R3 (config) # 

Note : Once routing is enabled the directly connected networks are automatically added into the 
routing information table. "C'represents directly connected networks. The IP Network is 
learnt through the local Interface of the router. 

Verify Routing Table 

Rl- Verification : 

Rl # show ip route 

Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP 
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 
El - OSPF external type 1, E2 - OSPF external type 2, E - EGP 
i - IS-IS, LI - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area 
* - candidate default, U - per-user static route, o - ODR 
P - periodic downloaded static route 

Gateway of last resort is not set 

C 172.16.0.0/16 is directly connected, Serial0/0 
C 172.18.0.0/16 is directly connected, Serial0/1 
C 192.168.2.0/24 is directly connected, EthernetO/O 
Rl# 
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R2 - Verification : 

R2 # show ip route 

Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP 
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 
El - OSPF external type 1, E2 - OSPF external type 2 
i - IS-IS, su - IS-IS summary, LI - IS-IS level-1, L2 - IS-IS level-2 
ia - IS-IS inter area, * - candidate default, U - per-user static route 
o - ODR, P - periodic downloaded static route, H - NHRP, I - LISP 
+ - replicated route, % - next hop override 

Gateway of last resort is not set 

10.0. 0.0/8 is variably subnetted, 2 subnets, 2 masks 

C 10.0.0.0/8 is directly connected, GigabitEthernetO/O 
L 10.0.0.1/32 is directly connected, GigabitEthernet0/0 

172.16.0. 0/16 is variably subnetted, 2 subnets, 2 masks 
C 172.16.0.0/16 is directly connected, Serial0/0/l 

L 172.16.0.2/32 is directly connected, Serial0/0/l 

172.17.0. 0/16 is variably subnetted, 2 subnets, 2 masks 
C 172.17.0.0/16 is directly connected, Serial0/0/0 

L 172.17.0.1/32 is directly connected, Serial0/0/0 
R2 # 


R3 - Verification : 

R3 # show ip route 

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP 
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 
El - OSPF external type 1, E2 - OSPF external type 2 
i - IS-IS, su - IS-IS summary, LI - IS-IS level-1, L2 - IS-IS level-2 
ia - IS-IS inter area, * - candidate default, U - per-user static route 
o - ODR, P - periodic downloaded static route 

Gateway of last resort is not set 

C 172.17.0.0/16 is directly connected, Serial0/1 

C 172.18.0.0/16 is directly connected, Serial0/0 

C 192.168.3.0/24 is directly connected, FastEthernetO/O 

R3 # 


CCNA Lab Manual 


Page | 50 


www.zoomgroup.com 


0 



Configure Static Routing 



ZOOM 


TECH N OLOG IE! 


Rl- Configuration 
R1 # configure terminal 

Enter configuration commands, one per line. End with CNTL/Z. 

Rl (config) # ip route 10.0.0.0 255.0.0.0 172.16.0.2 
Rl (config) # ip route 192.168.3.0 255.255.255.0 172.18.0.1 
Rl (config) # exit 
Rl (config) # 

R2- Configuration 
R2 # configure terminal 

Enter configuration commands, one per line. End with CNTL/Z. 

R2 (config) # ip route 192.168.2.0 255.255.255.0 172.16.0.1 
R2 (config) # ip route 192.168.3.0 255.255.255.0 172.17.0.2 

R2 (config) # exit 
R2 (config) # 

R3- Configuration 
R3 # configure terminal 

Enter configuration commands, one per line. End with CNTL/Z. 

R3 (config) # ip route 10.0.0.0 255.0.0.0 172.17.0.1 
R3 (config) # ip route 192.168.3.0 255.255.255.0 172.18.0.2 
R3 (config) # exit 
R3 (config) # 

Verify Static Routing 

Once Static routing is enabled, the IP Networks defined with the Static routing command are added 
into the routing information table. "S" represents Static route. 

Rl- Verification : 

Rl # show ip route 

Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP 
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 
El - OSPF external type 1, E2 - OSPF external type 2, E - EGP 
i - IS-IS, LI - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area 
* - candidate default, U - per-user static route, o - ODR 
P - periodic downloaded static route 

Gateway of last resort is not set 

C 172.16.0.0/16 is directly connected, Serial0/0 
C 172.18.0.0/16 is directly connected, Serial0/1 
S 10.0.0.0/8 [1/0] via 172.16.0.2 


CCNA Lab Manual 


Page | 51 


www.zoomgroup.com 


0 




ZOOM 


TECH NOLOGIE! 


C 192.168.2.0/24 is directly connected, Ethernet0/0 

S 192.168.3.0/24 [1/0] via 172.18.0.1 

Rl# 


R2- Verification : 

R2 # show ip route 

Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP 
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 
El - OSPF external type 1, E2 - OSPF external type 2 
i - IS-IS, su - IS-IS summary, LI - IS-IS level-1, L2 - IS-IS level-2 
ia - IS-IS inter area, * - candidate default, U - per-user static route 

0 - ODR, P - periodic downloaded static route, H - NHRP, I - LISP 
+ - replicated route, % - next hop override 

Gateway of last resort is not set 

10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks 
C 10.0.0.0/8 is directly connected, GigabitEthernetO/O 
L 10.0.0.1/32 is directly connected, GigabitEthernet0/0 

172.16.0. 0/16 is variably subnetted, 2 subnets, 2 masks 
C 172.16.0.0/16 is directly connected, Serial0/0/l 

L 172.16.0.2/32 is directly connected, Serial0/0/l 

172.17.0. 0/16 is variably subnetted, 2 subnets, 2 masks 
C 172.17.0.0/16 is directly connected, Serial0/0/0 

L 172.17.0.1/32 is directly connected, Serial0/0/0 
S 192.168.2.0/24 [1/0] via 172.16.0.1 
S 192.168.3.0/24 [1/0] via 172.17.0.2 
R2 # 

R3 - Verification : 

R3 # show ip route 

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP 
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 
El - OSPF external type 1, E2 - OSPF external type 2 

1 - IS-IS, su - IS-IS summary, LI - IS-IS level-1, L2 - IS-IS level-2 

ia - IS-IS inter area, * - candidate default, U - per-user static route 
o - ODR, P - periodic downloaded static route 

Gateway of last resort is not set 

C 172.17.0.0/16 is directly connected, Serial0/1 
C 172.18.0.0/16 is directly connected, Serial0/0 
S 10.0.0.0/8 [1/0] via 172.17.0.1 
S 192.168.2.0/24 [1/0] via 172.18.0.2 
C 192.168.3.0/24 is directly connected, FastEthernet0/0 
R3 # 
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Verify communication between the networks 


Verification from a Computer in R1 Network 

ping 10.0.0.10 

PING 10.0.0.10 (10.0.0.10) 56(84) bytes of data. 

64 bytes from 10.0.0.10: icmp_seq=l ttl=62 time=24.0 ms 
64 bytes from 10.0.0.10: icmp_seq=2 ttl=62 time=24.0 ms 
64 bytes from 10.0.0.10: icmp_seq=3 ttl=62 time=24.1 ms 
64 bytes from 10.0.0.10: icmp_seq=4 ttl=62 time=24.0 ms 


ping 192.168.3.10 

PING 192.168.3.10 (192.168.3.10) 56(84) bytes of data. 

64 bytes from 192.168.3.10: icmp_seq=25 ttl=62 time=24.1 ms 
64 bytes from 192.168.3.10: icmp_seq=26 ttl=62 time=24.1 ms 
64 bytes from 192.168.3.10: icmp_seq=27 ttl=62 time=24.3 ms 
64 bytes from 192.168.3.10: icmp_seq=28 ttl=62 time=24.2 ms 
64 bytes from 192.168.3.10: icmp_seq=29 ttl=62 time=24.2 ms 

Repeat the above ping verification from a computer in R2 and R3 Network. 
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LAB 5: RIP ROUTING 


OBJECTIVE: 

To configure RIP Routing for communicating between different networks on different routers. 


TOPOLOGY: 


Setup Ethernet and Serial connectivity for the lab as below 

so/i 


□ 




| Interface 

IP Address / Mask 

EO/O 

192.168.2.1/24 

SO/O 

172.16.0.1/16 

SO/1 

172.18.0.2/16 


G0/0 


Switch 




uu 




Interface 


G0/0 

SO/O/O 

SO/O/1 


IP Address / Mask 


10 . 0 . 0 . 1/8 

172.17.0. 1/16 

172.16.0. 2/16 


S0/0 



I I I . 


Interface 

IP Address / Mask 

ro/o 

192.168.3.1/24 

so/o 

172.18.0.1/16 

SO/l 

172.17.02/16 


Pre-requisite: WAN Interface configuration to be done on the router (LAB - 3) 


TASK: 

• Configure RIP Routing 

• Verify RIP Routing 

• Verify Communication between the networks 

• Verify RIP Update Packets 
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Configure RIP Routing 


Rl- Configuration 
R1 # configure terminal 

Enter configuration commands, one per line. End with CNTL/Z. 

Rl (config) # ip routing 

Rl (config) # router rip 

Rl (config-router) # network 192.168.2.0 

Rl (config-router) # network 172.16.0.0 

Rl (config-router) # network 172.18.0.0 

Rl (config-router) # end 

Rl (config) # 

R2- Configuration 
R2 # configure terminal 

Enter configuration commands, one per line. End with CNTL/Z. 

R2 (config) # ip routing 

R2 (config) # router rip 

R2 (config-router) # network 10.0.0.0 

R2 (config-router) # network 172.16.0.0 

R2 (config-router) # network 172.17.0.0 

R2 (config-router) # end 

R2 (config) # 

R3- Configuration 
R3 # configure terminal 

Enter configuration commands, one per line. End with CNTL/Z. 

R3 (config) # ip routing 

R3 (config) # router rip 

R3 (config-router) # network 192.168.3.0 

R3 (config-router) # network 172.17.0.0 

R3 (config-router) # network 172.18.0.0 

R3 (config-router) # end 

R3 (config) # 
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Verify RIP Routing 

Once RIP routing is enabled, IP Networks learnt via RIP are added into the routing table. "R" 
represents RIP route. 

R1 - Verification : 

R1 # show ip route 

Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP 
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 
El - OSPF external type 1, E2 - OSPF external type 2, E - EGP 
i - IS-IS, LI - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area 
* - candidate default, U - per-user static route, o - ODR 
P - periodic downloaded static route 

Gateway of last resort is not set 

R 172.17.0.0/16 [120/1] via 172.16.0.2, 00:16:59, Serial0/0 

[120/1] via 172.18.0.1, 00:16:59, Serial0/1 
C 172.16.0.0/16 is directly connected, Serial0/0 
C 172.18.0.0/16 is directly connected, Serial0/1 
R 10.0.0.0/8 [120/1] via 172.16.0.2, 00:16:59, Serial0/0 
C 192.168.2.0/24 is directly connected, Ethernet0/0 
R 192.168.3.0/24 [120/1] via 172.18.0.1, 00:16:59, Serial0/1 
Rl# 

R2 - Verification : 

R2 # show ip route 

Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP 
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 
El - OSPF external type 1, E2 - OSPF external type 2 
i - IS-IS, su - IS-IS summary, LI - IS-IS level-1, L2 - IS-IS level-2 
ia - IS-IS inter area, * - candidate default, U - per-user static route 
o - ODR, P - periodic downloaded static route, H - NHRP, I - LISP 
+ - replicated route, % - next hop override 
Gateway of last resort is not set 

10.0. 0.0/8 is variably subnetted, 2 subnets, 2 masks 

C 10.0.0.0/8 is directly connected, GigabitEthernetO/O 
L 10.0.0.1/32 is directly connected, GigabitEthernet0/0 

172.16.0. 0/16 is variably subnetted, 2 subnets, 2 masks 
C 172.16.0.0/16 is directly connected, Serial0/0/l 

L 172.16.0.2/32 is directly connected, Serial0/0/l 

172.17.0. 0/16 is variably subnetted, 2 subnets, 2 masks 
C 172.17.0.0/16 is directly connected, Serial0/0/0 

L 172.17.0.1/32 is directly connected, Serial0/0/0 
R 172.18.0.0/16 [120/1] via 172.17.0.2, 00:18:44, Serial0/0/0 

[120/1] via 172.16.0.1, 00:18:44, Serial0/0/l 
R 192.168.2.0/24 [120/1] via 172.16.0.1, 01:05:31, Serial0/0/l 
R 192.168.3.0/24 [120/1] via 172.17.0.2, 00:18:44, Serial0/0/0 
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R2# 

R3 - Verification : 

R3 # show ip route 

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP 
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 
El - OSPF external type 1, E2 - OSPF external type 2 
i - IS-IS, su - IS-IS summary, LI - IS-IS level-1, L2 - IS-IS level-2 
ia - IS-IS inter area, * - candidate default, U - per-user static route 
o - ODR, P - periodic downloaded static route 

Gateway of last resort is not set 
C 172.17.0.0/16 is directly connected, Serial0/1 
R 172.16.0.0/16 [120/1] via 172.18.0.2, 00:00:24, Serial0/0 

[120/1] via 172.17.0.1, 00:00:24, Serial0/1 
C 172.18.0.0/16 is directly connected, Serial0/0 
R 10.0.0.0/8 [120/1] via 172.17.0.1, 00:00:24, Serial0/1 
R 192.168.2.0/24 [120/1] via 172.18.0.2, 00:00:24, Serial0/0 
C 192.168.3.0/24 is directly connected, FastEthernetO/O 
R3# 

Verify communication between the networks 


Verification from a Computer in R1 Network 

ping 10.0.0.10 

PING 10.0.0.10 (10.0.0.10) 56(84) bytes of data. 

64 bytes from 10.0.0.10: icmp_seq=l ttl=62 time=24.0 ms 
64 bytes from 10.0.0.10: icmp_seq=2 ttl=62 time=24.0 ms 
64 bytes from 10.0.0.10: icmp_seq=3 ttl=62 time=24.1 ms 
64 bytes from 10.0.0.10: icmp_seq=4 ttl=62 time=24.0 ms 


ping 192.168.3.10 

PING 192.168.3.10 (192.168.3.10) 56(84) bytes of data. 

64 bytes from 192.168.3.10: icmp_seq=25 ttl=62 time=24.1 ms 
64 bytes from 192.168.3.10: icmp_seq=26 ttl=62 time=24.1 ms 
64 bytes from 192.168.3.10: icmp_seq=27 ttl=62 time=24.3 ms 
64 bytes from 192.168.3.10: icmp_seq=28 ttl=62 time=24.2 ms 
64 bytes from 192.168.3.10: icmp_seq=29 ttl=62 time=24.2 ms 

Repeat the above ping verification from a computer in R2 and R3 Network. 
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Verify RIP Packets 

Verify default behaviour of RIP Update packets by enabling debug commands 


Example - R2 

R2 # terminal monitor 
R2 # debug ip rip 

RIP protocol debugging is on 

R2#RIP: received vl update from 172.16.0.1 on Serial0/0/l 
172.18.0.0 in 1 hops 

192.168.2.0 ini hops 

192.168.3.0 in 2 hops 

RIP: sending vl update to 255.255.255.255 via FastEthernetO/O (10.0.0.1) 

RIP: build update entries 

network 172.16.0.0 metric 1 

network 172.17.0.0 metric 1 

network 172.18.0.0 metric 2 

network 192.168.2.0 metric 2 

network 192.168.3.0 metric 2 

RIP: sending vl update to 255.255.255.255 via Serial0/0/l (172.16.0.2) 

RIP: build update entries 

network 10.0.0.0 metric 1 

network 172.17.0.0 metric 1 

network 192.168.3.0 metric 2 

RIP: sending vl update to 255.255.255.255 via Serial0/0/0 (172.17.0.1) 

RIP: build update entries 

network 10.0.0.0 metric 1 

network 172.16.0.0 metric 1 

network 192.168.2.0 metric 2 


R2 # undebug all 

R2 # terminal no monitor 
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LAB 6: EIGRP ROUTING 


OBJECTIVE: 

To configure EIGRP Routing for communicating between different networks on different routers. 
To understand how EIGRP works and fine tune EIGRP configuration. 


TOPOLOGY: 

Setup Ethernet and Serial connectivity for the lab as below : 



192.168.2.1/24 

172.16.0. 1/16 

172.18.0. 2/16 
16.1.1.1/24 
16.1.2.1/24 
16.1.3.1/24 


Interface 

IP Address / Mask | 

GO/O 

10.0.0.1/8 

SO/O/O 

172.17.0.1/16 

SO/O/1 

172.16.0.2/16 

Lol 

17.1.1.1/24 

lo2 

17.1.2.1/24 

Lo3 

17.1.3.1/24 


I \L 

r^ZzT\ 

Interface 

IP Address / Mask 1 

FO/O 

192.168.3.1/24 

SO/O 

172.18.0.1/16 

SO/1 

172.17.0.2/16 

Lol 

18.1.1.1/24 

Lo2 

18.1.2.1/24 

Lo3 

18.1.3.1/24 


Pre-requisite: WAN Interface configuration to be done on the router (LAB - 3) 


TASK: 


Configure Loopback Interface 
Verify Loopback Interface 
Configure EIGRP Routing 
Verify EIGRP Routing 


Verify Communication between the networks 
Verify EIGRP Neighbour and Topology Table 
Verify EIGRP Packets 
Enable Passive Interface 
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• Disable Auto summary option 
Configure Loopback Interface 

Configure Loopback interface according to Lab Topology 

Rl- Configuration 
R1 # configure terminal 

Enter configuration commands, one per line. End with CNTL/Z. 

Rl (config)# interface Lo 1 

Rl (config-if)# ip address 16.1.1.1 255.255.255.0 

Rl (config)# interface Lo 2 

Rl (config-if)# ip address 16.1.2.1 255.255.255.0 

Rl (config)# interface Lo 3 

Rl (config-if)# ip address 16.1.3.1 255.255.255.0 

Rl (config-if)# exit 

R2- Configuration 
R2 # configure terminal 

Enter configuration commands, one per line. End with CNTL/Z. 

R2 (config)# interface Lo 1 

R2 (config-if)# ip address 17.1.1.1 255.255.255.0 

R2 (config)# interface Lo 2 

R2 (config-if)# ip address 17.1.2.1 255.255.255.0 

R2 (config)# interface Lo 3 

R2 (config-if)# ip address 17.1.3.1 255.255.255.0 

R2 (config-if)# exit 

R3- Configuration 
R3 # configure terminal 

Enter configuration commands, one per line. End with CNTL/Z. 

R3 (config)# interface Lo 1 

R3 (config-if)# ip address 18.1.1.1 255.255.255.0 

R3 (config)# interface Lo 2 

R3 (config-if)# ip address 18.1.2.1 255.255.255.0 

R3 (config)# interface Lo 3 

R3 (config-if)# ip address 18.1.3.1 255.255.255.0 

R3 (config-if)# exit 
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Verify Loopback Interface 






R1 - Verification: 







R1 # show ip interface brief 






Interface 

IP-Address 

OK? 

Method 

Status 


Protocol 

EthernetO/O 

192.168.2.1 

YES 

NVRAM 

up 


up 

SerialO/O 

172.16.0.1 

YES 

NVRAM 

up 


up 

SerialO/1 

172.18.0.2 

YES 

NVRAM 

up 


up 

Loopbackl 

16.1.1.1 

YES 

manual 

up 


up 

Loopback2 

16.1.2.1 

YES 

manual 

up 


up 

Loopback3 

16.1.3.1 

YES 

manual 

up 


up 

R2 - Verification: 







R2# show ip interface brief 






Interface 

IP-Address 

OK? 

Method 

Status 


Protocol 

GigabitEthernetO/O 

10.0.0.1 

YES 

NVRAM 

up 


up 

GigabitEthernetO/1 

unassigned 

YES 

NVRAM 

administratively down 

down 

Serial 0/0/0 

172.17.0.1 

YES 

manual 

up 


up 

Serial0/0/l 

172.16.0.2 

YES 

manual 

up 


up 

Loopbackl 

17.1.1.1 

YES 

manual 

up 


up 

Loopback2 

17.1.2.1 

YES 

manual 

up 


up 

Loopback3 

17.1.3.1 

YES 

manual 

up 


up 

R3 - Verification: 







R2# show ip interface brief 






Interface 

IP-Address 

OK? 

Method 

Status 


Protocol 

FastEthernetO/O 

192.168.3.1 

YES 

NVRAM 

up 


up 

Serial0/0 

172.18.0.1 

YES 

NVRAM 

up 


up 

FastEthernetO/1 

unassigned 

YES 

NVRAM 

administratively down 

down 

SerialO/1 

172.17.0.2 

YES 

NVRAM 

up 


up 

Loopbackl 

18.1.1.1 

YES 

manual 

up 


UP 

Loopback2 

18.1.2.1 

YES 

manual 

up 


up 

Loopback3 

18.1.3.1 

YES 

manual 

up 


up 
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Configure EIGRP Routing 


Rl- Configuration 
R1 # configure terminal 

Enter configuration commands, one per line. End with CNTL/Z. 

Rl (config) # ip routing 

Rl (config) # router eigrp 10 

Rl (config-router) # network 192.168.2.0 

Rl (config-router) # network 172.16.0.0 

Rl (config-router) # network 172.18.0.0 

Rl (config-router) # network 16.0.0.0 

Rl (config-router) # end 

Rl (config) # 

R2- Configuration 
R2 # configure terminal 

Enter configuration commands, one per line. End with CNTL/Z. 

R2 (config) # ip routing 

R2 (config) # router eigrp 10 

R2 (config-router) # network 10.0.0.0 

R2 (config-router) # network 172.16.0.0 

R2 (config-router) # network 172.17.0.0 

R2 (config-router) # network 17.0.0.0 

R2 (config-router) # end 

R2 (config) # 

R3 - Configuration 
R3 # configure terminal 

Enter configuration commands, one per line. End with CNTL/Z. 

R3 (config) # ip routing 

R3 (config) # router eigrp 10 

R3 (config-router) # network 192.168.3.0 

R3 (config-router) # network 172.17.0.0 

R3 (config-router) # network 172.18.0.0 

R3 (config-router) # network 18.0.0.0 

R3 (config-router) # end 

R3 (config) # 


CCNA Lab Manual 


Page | 62 


www.zoomgroup.com 


0 



ZOOM 


TECH NOLOGIE! 


Verify EIGRP Routing 

Once EIGRP routing is enabled, IP Networks learnt via EIGRP are added into the routing table. "D" 
represents EIGRP route. 

R1 - Verification : 

R1 # show ip route 

Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP 
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 
El - OSPF external type 1, E2 - OSPF external type 2, E - EGP 
i - IS-IS, LI - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area 
* - candidate default, U - per-user static route, o - ODR 
P - periodic downloaded static route 

Gateway of last resort is not set 

17.0. 0.0/24 is subnetted, 3 subnets 

D 17.1.1.0 [90/2297856] via 172.16.0.2, 00:16:59, Serial0/0 
D 17.1.2.0 [90/2297856] via 172.16.0.2, 00:16:59, Serial0/0 
D 17.1.3.0 [90/2297856] via 172.16.0.2, 00:16:59, Serial0/0 

16.0. 0.0/8 is variably subnetted, 4 subnets, 2 masks 
D 16.0.0.0/8 is a summary, 00:16:59, NullO 

C 16.1.1.0/24 is directly connected, Loopbackl 
C 16.1.3.0/24 is directly connected, Loopback3 
C 16.1.2.0/24 is directly connected, Loopback2 
D 18.0.0.0/8 [90/2297856] via 172.18.0.1, 00:16:59, Serial0/1 
D 172.17.0.0/16 [90/2681856] via 172.16.0.2, 00:16:59, Serial0/0 
[90/2681856] via 172.18.0.1, 00:16:59, Serial0/1 
C 172.16.0.0/16 is directly connected, Serial0/0 
C 172.18.0.0/16 is directly connected, Serial0/1 
D 10.0.0.0/8 [90/2172416] via 172.16.0.2, 00:16:59, Serial0/0 
C 192.168.2.0/24 is directly connected, Ethernet0/0 
D 192.168.3.0/24 [90/2172416] via 172.18.0.1, 00:16:59, Serial0/1 
Rl# 

R2- Verification : 

R2 # show ip route 

Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP 
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 
El - OSPF external type 1, E2 - OSPF external type 2 
i - IS-IS, su - IS-IS summary, LI - IS-IS level-1, L2 - IS-IS level-2 
ia - IS-IS inter area, * - candidate default, U - per-user static route 
o - ODR, P - periodic downloaded static route, H - NHRP, I - LISP 
+ - replicated route, % - next hop override 

Gateway of last resort is not set 

10.0. 0.0/8 is variably subnetted, 2 subnets, 2 masks 

C 10.0.0.0/8 is directly connected, GigabitEthernet0/0 
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L 10.0.0.1/32 is directly connected, GigabitEthernetO/O 
D 16.0.0.0/8 [90/896000] via 172.16.0.1, 01:05:31, Serial0/0/l 

17.0. 0.0/8 is variably subnetted, 6 subnets, 2 masks 
C 17.1.1.0/24 is directly connected, Loopbackl 

L 17.1.1.1/32 is directly connected, Loopbackl 
C 17.1.2.0/24 is directly connected, Loopback2 
L 17.1.2.1/32 is directly connected, Loopback2 
C 17.1.3.0/24 is directly connected, Loopback3 
L 17.1.3.1/32 is directly connected, Loopback3 
D 18.0.0.0/8 [90/896000] via 172.17.0.2, 00:18:44, Serial0/0/0 

172.16.0. 0/16 is variably subnetted, 2 subnets, 2 masks 
C 172.16.0.0/16 is directly connected, Serial0/0/l 

L 172.16.0.2/32 is directly connected, Serial0/0/l 

172.17.0. 0/16 is variably subnetted, 2 subnets, 2 masks 
C 172.17.0.0/16 is directly connected, Serial0/0/0 

L 172.17.0.1/32 is directly connected, Serial0/0/0 
D 172.18.0.0/16 [90/2681856] via 172.17.0.2, 00:18:44, Serial0/0/0 
[90/2681856] via 172.16.0.1, 00:18:44, Serial0/0/l 
D 192.168.2.0/24 [90/793600] via 172.16.0.1, 01:05:31, Serial0/0/l 
D 192.168.3.0/24 [90/770560] via 172.17.0.2, 00:18:44, Serial0/0/0 
R2# 

R3 - Verification : 

R3 # show ip route 

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP 
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 
El - OSPF external type 1, E2 - OSPF external type 2 
i - IS-IS, su - IS-IS summary, LI - IS-IS level-1, L2 - IS-IS level-2 
ia - IS-IS inter area, * - candidate default, U - per-user static route 
o - ODR, P - periodic downloaded static route 

Gateway of last resort is not set 

17.0. 0.0/24 is subnetted, 3 subnets 

D 17.1.1.0 [90/2297856] via 172.17.0.1, 00:00:24, Serial0/1 

D 17.1.2.0 [90/2297856] via 172.17.0.1, 00:00:24, Serial0/1 

D 17.1.3.0 [90/2297856] via 172.17.0.1, 00:00:24, Serial0/1 

D 16.0.0.0/8 [90/2297856] via 172.18.0.2, 00:00:24, Serial0/0 

18.0. 0.0/8 is variably subnetted, 4 subnets, 2 masks 
C 18.1.3.0/24 is directly connected, Loopback3 

C 18.1.2.0/24 is directly connected, Loopback2 
C 18.1.1.0/24 is directly connected, Loopbackl 
D 18.0.0.0/8 is a summary, 00:00:13, NullO 
C 172.17.0.0/16 is directly connected, Serial0/1 
D 172.16.0.0/16 [90/2681856] via 172.18.0.2, 00:00:24, Serial0/0 
[90/2681856] via 172.17.0.1, 00:00:24, Serial0/1 
C 172.18.0.0/16 is directly connected, Serial0/0 
D 10.0.0.0/8 [90/2172416] via 172.17.0.1, 00:00:24, Serial0/1 
D 192.168.2.0/24 [90/2195456] via 172.18.0.2, 00:00:24, Serial0/0 
C 192.168.3.0/24 is directly connected, FastEthernet0/0 
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R3# 


Verify communication between the networks 


Verification from a Computer in R1 Network 

ping 10.0.0.10 

PING 10.0.0.10 (10.0.0.10) 56(84) bytes of data. 

64 bytes from 10.0.0.10: icmp_seq=l ttl=62 time=24.0 ms 
64 bytes from 10.0.0.10: icmp_seq=2 ttl=62 time=24.0 ms 
64 bytes from 10.0.0.10: icmp_seq=3 ttl=62 time=24.1 ms 
64 bytes from 10.0.0.10: icmp_seq=4 ttl=62 time=24.0 ms 


ping 192.168.3.10 

PING 192.168.3.10 (192.168.3.10) 56(84) bytes of data. 

64 bytes from 192.168.3.10: icmp_seq=25 ttl=62 time=24.1 ms 
64 bytes from 192.168.3.10: icmp_seq=26 ttl=62 time=24.1 ms 
64 bytes from 192.168.3.10: icmp_seq=27 ttl=62 time=24.3 ms 
64 bytes from 192.168.3.10: icmp_seq=28 ttl=62 time=24.2 ms 
64 bytes from 192.168.3.10: icmp_seq=29 ttl=62 time=24.2 ms 

Repeat the above ping verification from a computer in R2 and R3 Network. 



0 
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Verify EIGRP Neighbour and Topology Table 


R1 - Verification : 

R1 # show ip eigrp neighbor 

IP-EIGRP neighbors for process 10 


H 

Address 

Interface 

(sec) 

Hold 

Uptime 

(ms) 

SRTT 

RTO 

Cnt 

Q 

Num 

Seq 

1 

172.18.0.1 

Se0/1 

10 

00:07:26 

69 

414 

0 

13 

0 

172.16.0.2 

Se0/0 

11 

00:54:13 

25 

200 

0 

15 


Rl# 


R1 # show ip eigrp topology 

IP-EIGRP Topology Table for AS(10)/ID(16.1.3.1) 

Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply, 
r - Reply status 

P 10.0.0.0/8, 1 successors, FD is 2172416 

via 172.16.0.2 (2172416/28160), Serial0/0 
via 172.18.0.1 (2684416/770560), Serial0/1 
P 16.0.0.0/8, 1 successors, FD is 128256 
via Summary (128256/0), NullO 
P 16.1.1.0/24, 1 successors, FD is 128256 
via Connected, Loopbackl 
P 17.1.1.0/24, 1 successors, FD is 2297856 

via 172.16.0.2 (2297856/128256), Serial0/0 
via 172.18.0.1 (2809856/896000), Serial0/1 
P 17.1.2.0/24, 1 successors, FD is 2297856 

via 172.16.0.2 (2297856/128256), Serial0/0 
via 172.18.0.1 (2809856/896000), Serial0/1 
P 18.0.0.0/8, 1 successors, FD is 2297856 

via 172.18.0.1 (2297856/128256), Serial0/1 
via 172.16.0.2 (2809856/896000), Serial0/0 
P 16.1.3.0/24, 1 successors, FD is 128256 
via Connected, Loopback3 
P 17.1.3.0/24, 1 successors, FD is 2297856 

via 172.16.0.2 (2297856/128256), Serial0/0 
via 172.18.0.1 (2809856/896000), Serial0/1 
P 16.1.2.0/24, 1 successors, FD is 128256 
via Connected, Loopback2 
P 192.168.2.0/24, 1 successors, FD is 281600 
via Connected, Ethernet0/0 
P 192.168.3.0/24, 1 successors, FD is 2172416 
via 172.18.0.1 (2172416/28160), Serial0/1 
via 172.16.0.2 (2684416/770560), Serial0/0 
P 172.16.0.0/16, 1 successors, FD is 2169856 
via Connected, Serial0/0 
via 172.18.0.1 (3193856/1280000), SerialO/1 
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P 172.17.0.0/16, 2 successors, FD is 2681856 
via 172.18.0.1 (2681856/768000), Serial0/1 
via 172.16.0.2 (2681856/768000), Serial0/0 
P 172.18.0.0/16, 1 successors, FD is 2169856 
via Connected, SerialO/1 


Rl# 


R2- Verification : 

R2 # show ip eigrp neighbor 

EIGRP-IPv4 Neighbors for AS(10) 


H 

Address 

Interface 

(sec) 

Hold 

Uptime 

(ms) 

SRTT 

RTO 

Cnt 

Q 

Num 

Seq 

1 

172.16.0.1 

Se0/0/l 

13 

01:06:11 

28 

200 

0 

7 

0 

172.17.0.2 

Se0/0/0 

14 

01:09:47 

26 

200 

0 

10 


R2# 

R2 # show ip eigrp topology 

EIGRP-IPv4 Topology Table for AS(10)/ID(17.1.3.1) 

Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply, 
r - reply Status, s - sia Status 

P 192.168.3.0/24, 1 successors, FD is 770560 
via 172.17.0.2 (770560/28160), Serial0/0/0 
P 192.168.2.0/24, 1 successors, FD is 793600 
via 172.16.0.1 (793600/281600), Serial0/0/l 
P 17.1.2.0/24, 1 successors, FD is 128256 
via Connected, Loopback2 
P 172.16.0.0/16, 1 successors, FD is 768000 
via Connected, Serial0/0/l 
P 10.0.0.0/8, 1 successors, FD is 28160 
via Connected, GigabitEthernet0/0 
P 172.18.0.0/16, 2 successors, FD is 2681856 

via 172.16.0.1 (2681856/2169856), Serial0/0/l 
via 172.17.0.2 (2681856/2169856), Serial0/0/0 
P 17.1.3.0/24, 1 successors, FD is 128256 
via Connected, Loopback3 
P 172.17.0.0/16, 1 successors, FD is 768000 
via Connected, Serial0/0/0 
P 18.0.0.0/8, 1 successors, FD is 896000 

via 172.17.0.2 (896000/128256), Serial0/0/0 
P 16.0.0.0/8, 1 successors, FD is 896000 

via 172.16.0.1 (896000/128256), Serial0/0/l 
P 17.1.1.0/24, 1 successors, FD is 128256 
via Connected, Loopbackl 

R2# 
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R3 - Verification: 

R3 # show ip eigrp neighbor 

IP-EIGRP neighbors for process 10 


H 

Address 

Interface 

(sec) 

Hold 

Uptime 

(ms) 

SRTT 

RTO Q 

Cnt Num 

Seq 

1 

172.17.0.1 

Se0/1 

13 

00:00:53 

69 

200 

0 

11 

0 

172.18.0.2 

Se0/0 

13 

00:01:02 

411 

2466 

0 

12 


R3# 


R3 # show ip eigrp topology 

IP-EIGRP Topology Table for AS(10)/ID(18.1.3.1) 

Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply, 
r - reply Status, s - sia Status 

P 10.0.0.0/8, 1 successors, FD is 2172416 

via 172.17.0.1 (2172416/28160), Serial0/1 
P 18.1.3.0/24, 1 successors, FD is 128256 
via Connected, Loopback3 
P 16.0.0.0/8, 1 successors, FD is 2297856 

via 172.18.0.2 (2297856/128256), Serial0/0 
P 18.1.2.0/24, 1 successors, FD is 128256 
via Connected, Loopback2 
P 17.1.1.0/24, 1 successors, FD is 2297856 

via 172.17.0.1 (2297856/128256), Serial0/1 
P 18.0.0.0/8, 1 successors, FD is 128256 
via Summary (128256/0), NullO 
P 18.1.1.0/24, 1 successors, FD is 128256 
via Connected, Loopbackl 
P 17.1.2.0/24, 1 successors, FD is 2297856 

via 172.17.0.1 (2297856/128256), Serial0/1 
P 17.1.3.0/24, 1 successors, FD is 2297856 

via 172.17.0.1 (2297856/128256), Serial0/1 
P 192.168.2.0/24, 1 successors, FD is 2195456 
via 172.18.0.2 (2195456/281600), Serial0/0 
P 192.168.3.0/24, 1 successors, FD is 28160 
via Connected, FastEthernet0/0 
P 172.16.0.0/16, 2 successors, FD is 2681856 
via 172.17.0.1 (2681856/2169856), Serial0/1 
via 172.18.0.2 (2681856/2169856), Serial0/0 
P 172.17.0.0/16, 1 successors, FD is 2169856 
via Connected, Serial0/1 
P 172.18.0.0/16, 1 successors, FD is 2169856 
via Connected, Serial0/0 
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Verify EIGRP Packets 

Verify default behaviour of EIGRP Hello / Update packets by enabling debug commands 


Example - R2 

R2 # terminal monitor 
R2 # debug eigrp packet 

(UPDATE, REQUEST, QUERY, REPLY, HELLO, IPXSAP, PROBE, ACK, STUB, SIAQUERY, SIAREPLY) 
EIGRP Packet debugging is on 

*Jul 21 17:57:04.245: EIGRP: Packet from ourselves ignored 
*Jul 21 17:57:04.861: EIGRP: Sending HELLO on Serial0/0/0 

*Jul 21 17:57:04.861: AS 10, Flags 0x0:(NULL), Seq 0/0 interfaceQ 0/0 iidbQ un/rely 0/0 
*Jul 21 17:57:04.909: EIGRP: Sending HELLO on Serial0/0/l 

*Jul 21 17:57:04.909: AS 10, Flags 0x0:(NULL), Seq 0/0 interfaceQ 0/0 iidbQ un/rely 0/0 
*Jul 21 17:57:04.917: EIGRP: Received HELLO on Serial0/0/l nbr 172.16.0.1 
*Jul 21 17:57:04.917: AS 10, Flags 0x0:(NULL), Seq 0/0 interfaceQ 0/0 iidbQ un/rely 0/0 peerQ 
un/rely 0/0 

*Jul 21 17:57:05.621: EIGRP: Received HELLO on Serial0/0/0 nbr 172.17.0.2 

*Jul 21 17:57:05.621: AS 10, Flags 0x0:(NULL), Seq 0/0 interfaceQ 0/0 iidbQ un/rely 0/0 peerQ 

un/rely 0/0 

*Jul 21 17:57:05.793: EIGRP: Received HELLO on GigabitEthernet0/0 nbr 192.168.3.1 

*Jul 21 17:57:05.793: AS 10, Flags 0x0:(NULL), Seq 0/0 interfaceQ 0/0 

*Jul 21 17:57:05.793: EIGRP-IPv4(10): Neighbor 192.168.3.1 not on common subnet for 

GigabitEthernet0/0 

*Jul 21 17:57:06.949: EIGRP: Received HELLO on GigabitEthernet0/0 nbr 192.168.2.1 
*Jul 21 17:57:06.949: AS 10, Flags 0x0:(NULL), Seq 0/0 interfaceQ 0/0 
*Jul 21 17:57:07.317: EIGRP: Sending HELLO on Loopbackl 

*Jul 21 17:57:07.317: AS 10, Flags 0x0:(NULL), Seq 0/0 interfaceQ 0/0 iidbQ un/rely 0/0 
*Jul 21 17:57:07.317: EIGRP: Received HELLO on Loopbackl nbr 17.1.1.1 
*Jul 21 17:57:07.317: AS 10, Flags 0x0:(NULL), Seq 0/0 interfaceQ 0/0 
*Jul 21 17:57:07.317: EIGRP: Packet from ourselves ignored 
*Jul 21 17:57:07.409: EIGRP: Sending HELLO on GigabitEthernet0/0 
*Jul 21 17:57:07.409: AS 10, Flags 0x0:(NULL), Seq 0/0 interfaceQ 0/0 iidbQ un/rely 0/0 
! 

coutput omitted> 

! 

*Jul 21 17:57:12.109: EIGRP: Packet from ourselves ignored 

*Jul 21 17:57:12.201: EIGRP: Sending HELLO on GigabitEthemetO/O 

*Jul 21 17:57:12.201: AS 10, Flags 0x0:(NULL), Seq 0/0 interfaceQ 0/0 iidbQ un/rely 0/0 

*Jul 21 17:57:12.437: EIGRP: Sending HELLO on Loopback3 

R2 # undebug all 

R2 # terminal no monitor 
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Enabling Passive Interface 

To disable sending of EIGRP hello / updates packet on selected Interface, (i.e. Ethernet lnterface)we 
use the passive interface command. 


Example - R2 

R2# configure terminal 

Enter configuration commands, one per line. End with CNTL/Z. 

R2 (config) # router eigrp 10 

R2 (config-router) # passive-interface Gigabitethernet 0/0 
R2 (config-router) # end 

R2 - Verification : 

After enabling passive interface, again verify the behaviour of EIGRP Hello / Update packets by 
enabling debug commands. Now you will not see the following line in the debug outputs. 

EIGRP: Sending HELLO on GigabitEthernetO/O 

This means you have successfully disabled sending of EIGRP hello / updates packet on selected 
Interface. 


Disabling EIGRP Auto Summary 

By default EIGRP auto summary is enabled on CISCO IOS prior to 12.4. Let's try to understand the 

difference in routing table output when auto summary is enabled and when it is disabled. 

Verify Routing Table on R2 

R2 # show ip route 

Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP 
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 
El - OSPF external type 1, E2 - OSPF external type 2 
i - IS-IS, su - IS-IS summary, LI - IS-IS level-1, L2 - IS-IS level-2 
ia - IS-IS inter area, * - candidate default, U - per-user static route 
o - ODR, P - periodic downloaded static route, H - NHRP, I - LISP 
+ - replicated route, % - next hop override 

Gateway of last resort is not set 

10.0. 0.0/8 is variably subnetted, 2 subnets, 2 masks 

C 10.0.0.0/8 is directly connected, GigabitEthernet0/0 

L 10.0.0.1/32 is directly connected, GigabitEthernet0/0 

D 16.0.0.0/8 [90/2297856] via 172.16.0.1, 00:20:38, Serial0/0/l 

17.0. 0.0/8 is variably subnetted, 6 subnets, 2 masks 

C 17.1.1.0/24 is directly connected, Loopbackl 
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L 17.1.1.1/32 is directly connected, Loopbackl 
C 17.1.2.0/24 is directly connected, Loopback2 
L 17.1.2.1/32 is directly connected, Loopback2 
C 17.1.3.0/24 is directly connected, Loopback3 
L 17.1.3.1/32 is directly connected, Loopback3 
D 18.0.0.0/8 [90/2297856] via 172.17.0.2, 00:20:37, Serial0/0/0 

172.16.0. 0/16 is variably subnetted, 2 subnets, 2 masks 
C 172.16.0.0/16 is directly connected, Serial0/0/l 

L 172.16.0.2/32 is directly connected, Serial0/0/l 

172.17.0. 0/16 is variably subnetted, 2 subnets, 2 masks 
C 172.17.0.0/16 is directly connected, Serial0/0/0 

L 172.17.0.1/32 is directly connected, Serial0/0/0 
D 172.18.0.0/16 [90/2681856] via 172.17.0.2, 00:20:43, Serial0/0/0 
[90/2681856] via 172.16.0.1, 00:20:43, Serial0/0/l 
D 192.168.2.0/24 [90/2195456] via 172.16.0.1, 00:20:38, Serial0/0/l 
D 192.168.3.0/24 [90/2172416] via 172.17.0.2, 00:20:38, Serial0/0/0 
R2# 


Disable Auto Summary on R1 

R1 # configure terminal 

Enter configuration commands, one per line. End with CNTL/Z. 

R1 (config) # router eigrp 10 

R1 (config-router)# no auto-summary 

R1 (config-router)# end 

Verify Routing Table on R2 

R2 # show ip route 

Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP 
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 
El - OSPF external type 1, E2 - OSPF external type 2 
i - IS-IS, su - IS-IS summary, LI - IS-IS level-1, L2 - IS-IS level-2 
ia - IS-IS inter area, * - candidate default, U - per-user static route 
o - ODR, P - periodic downloaded static route, H - NHRP, I - LISP 
+ - replicated route, % - next hop override 

Gateway of last resort is not set 

10.0. 0.0/8 is variably subnetted, 2 subnets, 2 masks 

C 10.0.0.0/8 is directly connected, GigabitEthernetO/O 

L 10.0.0.1/32 is directly connected, GigabitEthernet0/0 

16.0. 0.0/24 is subnetted, 3 subnets 

D 16.1.1.0 [90/2297856] via 172.16.0.1, 00:00:07, Serial0/0/l 

D 16.1.2.0 [90/2297856] via 172.16.0.1, 00:00:07, Serial0/0/l 

D 16.1.3.0 [90/2297856] via 172.16.0.1, 00:00:07, Serial0/0/l 

17.0. 0.0/8 is variably subnetted, 6 subnets, 2 masks 

C 17.1.1.0/24 is directly connected, Loopbackl 

L 17.1.1.1/32 is directly connected, Loopbackl 
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C 17.1.2.0/24 is directly connected, Loopback2 
L 17.1.2.1/32 is directly connected, Loopback2 
C 17.1.3.0/24 is directly connected, Loopback3 
L 17.1.3.1/32 is directly connected, Loopback3 
D 18.0.0.0/8 [90/2297856] via 172.17.0.2, 00:00:07, Serial0/0/0 

172.16.0. 0/16 is variably subnetted, 2 subnets, 2 masks 
C 172.16.0.0/16 is directly connected, Serial0/0/l 

L 172.16.0.2/32 is directly connected, Serial0/0/l 

172.17.0. 0/16 is variably subnetted, 2 subnets, 2 masks 
C 172.17.0.0/16 is directly connected, Serial0/0/0 

L 172.17.0.1/32 is directly connected, Serial0/0/0 
D 172.18.0.0/16 [90/2681856] via 172.17.0.2, 00:00:07, Serial0/0/0 
[90/2681856] via 172.16.0.1, 00:00:07, Serial0/0/l 
D 192.168.2.0/24 [90/2195456] via 172.16.0.1, 00:00:07, Serial0/0/l 
D 192.168.3.0/24 [90/2172416] via 172.17.0.2, 00:00:07, Serial0/0/0 
R2 # 
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LAB 7: OSPF ROUTING - Single Area 


OBJECTIVE: 

To configure OSPF Routing in a single area. 

To understand how OSPF works and fine tune OSPF configuration. 


TOPOLOGY: 

Setup Ethernet and Serial connectivity for the lab as below: 


so/i 


so/o 




Interface 

IP Address / Mask 

EO/O 

SO/O 

SO/1 

192.168.2.1/24 

172.16.0. 1/16 

172.18.0. 2/16 



10 . 0 . 0 . 1/8 

172.17.0. 1/16 

172.16.0. 2/16 


Interface 

IP Address / Mask 

FO/O 

192.168.3.1/24 

SO/O 

172.18.0.1/16 

SO/1 

172.17.0.2/16 


Pre-requisite: WAN Interface configuration to be done on the router (LAB - 3) 


TASK: 


Configure OSPF Routing - Single Area 
Verify OSPF Routing - Single Area 
Verify Communication between the networks 
Verify OSPF Neighbour and Topology Table 
Verify OSPF Packets 
Enable Passive Interface 
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Configure OSPF Routing - Single Area 

Rl- Configuration 
R1 # configure terminal 

Enter configuration commands, one per line. End with CNTL/Z. 
Rl (config) # ip routing 
Rl (config) # router ospf 1 

Rl (config-router) # network 192.168.2.0 0.0.0.255 area 0 
Rl (config-router) # network 172.16.0.0 0.0.255.255 area 0 
Rl (config-router) # network 172.18.0.0 0.0.255.255 area 0 
Rl (config-router) # end 
Rl (config) # 

R2- Configuration 
R2 # configure terminal 

Enter configuration commands, one per line. End with CNTL/Z. 
R2 (config) # ip routing 
R2 (config) # router ospf 2 

R2 (config-router) # network 10.0.0.0 0.255.255.255 area 0 
R2 (config-router) # network 172.16.0.0 0.0.255.255 area 0 
R2 (config-router) # network 172.17.0.0 0.0.255.255 area 0 
R2 (config-router) # end 
R2 (config) # 

R3- Configuration 
R3 # configure terminal 

Enter configuration commands, one per line. End with CNTL/Z. 
R3 (config) # ip routing 
R3 (config) # router ospf 3 

R3 (config-router) # network 192.168.3.0 0.0.0.255 area 0 
R3 (config-router) # network 172.17.0.0 0.0.255.255 area 0 
R3 (config-router) # network 172.18.0.0 0.0.255.255 area 0 

R3 (config-router) # end 
R3 (config) # 
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Verify OSPF Routing - Single Area 

Once OSPF routing is enabled, the IP Networkslearned through OSPF are added into the routing 
table. "O" represents anOSPF route. 


R1 - Verification : 

R1 # show ip route 

Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP 
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 
El - OSPF external type 1, E2 - OSPF external type 2, E - EGP 
i - IS-IS, LI - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area 
* - candidate default, U - per-user static route, o - ODR 
P - periodic downloaded static route 

Gateway of last resort is not set 

0 172.17.0.0/16 [110/128] via 172.16.0.2, 00:00:01, Serial0/0 

[110/128] via 172.18.0.1, 00:00:01, Serial0/1 
C 172.16.0.0/16 is directly connected, Serial0/0 
C 172.18.0.0/16 is directly connected, Serial0/1 
O 10.0.0.0/8 [110/65] via 172.16.0.2, 00:00:01, Serial0/0 
C 192.168.2.0/24 is directly connected, Ethernet0/0 
O 192.168.3.0/24 [110/65] via 172.18.0.1, 00:00:01, Serial0/1 
Rl# 


R2 - Verification : 

R2 # show ip route 

Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP 
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 
El - OSPF external type 1, E2 - OSPF external type 2 
i - IS-IS, su - IS-IS summary, LI - IS-IS level-1, L2 - IS-IS level-2 
ia - IS-IS inter area, * - candidate default, U - per-user static route 
o - ODR, P - periodic downloaded static route, H - NHRP, I - LISP 
+ - replicated route, % - next hop override 

Gateway of last resort is not set 

10.0. 0.0/8 is variably subnetted, 2 subnets, 2 masks 

C 10.0.0.0/8 is directly connected, GigabitEthernetO/O 
L 10.0.0.1/32 is directly connected, GigabitEthernet0/0 

172.16.0. 0/16 is variably subnetted, 2 subnets, 2 masks 
C 172.16.0.0/16 is directly connected, Serial0/0/l 

L 172.16.0.2/32 is directly connected, Serial0/0/l 
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172.17.0.0/16 is variably subnetted, 2 subnets, 2 masks 
C 172.17.0.0/16 is directly connected, Serial0/0/0 
L 172.17.0.1/32 is directly connected, Serial0/0/0 
O 172.18.0.0/16 [110/128] via 172.17.0.2, 00:00:51, Serial0/0/0 

[110/128] via 172.16.0.1, 00:01:55, Serial0/0/l 
O 192.168.2.0/24 [110/74] via 172.16.0.1, 00:01:55, Serial0/0/l 
O 192.168.3.0/24 [110/65] via 172.17.0.2, 00:01:01, Serial0/0/0 
R2 # 


R3 - Verification : 

R3 # show ip route 

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP 
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 
El - OSPF external type 1, E2 - OSPF external type 2 
i - IS-IS, su - IS-IS summary, LI - IS-IS level-1, L2 - IS-IS level-2 
ia - IS-IS inter area, * - candidate default, U - per-user static route 
o - ODR, P - periodic downloaded static route 

Gateway of last resort is not set 

C 172.17.0.0/16 is directly connected, Serial0/1 
O 172.16.0.0/16 [110/128] via 172.18.0.2, 00:01:48, Serial0/0 

[110/128] via 172.17.0.1, 00:01:48, Serial0/1 
C 172.18.0.0/16 is directly connected, Serial0/0 
O 10.0.0.0/8 [110/65] via 172.17.0.1, 00:01:48, Serial0/1 
O 192.168.2.0/24 [110/74] via 172.18.0.2, 00:01:48, Serial0/0 
C 192.168.3.0/24 is directly connected, FastEthernet0/0 
R3 # 
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Verify communication between the networks 


Verification from a Computer in R1 Network 

ping 10.0.0.10 

PING 10.0.0.10 (10.0.0.10) 56(84) bytes of data. 

64 bytes from 10.0.0.10: icmp_seq=l ttl=62 time=24.0 ms 
64 bytes from 10.0.0.10: icmp_seq=2 ttl=62 time=24.0 ms 
64 bytes from 10.0.0.10: icmp_seq=3 ttl=62 time=24.1 ms 
64 bytes from 10.0.0.10: icmp_seq=4 ttl=62 time=24.0 ms 


ping 192.168.3.10 

PING 192.168.3.10 (192.168.3.10) 56(84) bytes of data. 

64 bytes from 192.168.3.10: icmp_seq=25 ttl=62 time=24.1 ms 
64 bytes from 192.168.3.10: icmp_seq=26 ttl=62 time=24.1 ms 
64 bytes from 192.168.3.10: icmp_seq=27 ttl=62 time=24.3 ms 
64 bytes from 192.168.3.10: icmp_seq=28 ttl=62 time=24.2 ms 
64 bytes from 192.168.3.10: icmp_seq=29 ttl=62 time=24.2 ms 

Repeat the above ping verification from a computer in R2 and R3 Network. 
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Verify OSPF Neighbour and Database Table 


Rl- Verification: 


R1 # show ip ospf neighbor 


Neighbor ID 

Pri State 

Dead Time Address 

Interface 

172.17.0.1 

1 FULL/ - 

00:00:31 172.16.0.2 

SerialO/O 

192.168.3.1 

1 FULL/ - 

00:00:34 172.18.0.1 

SerialO/1 

Rl# 




Rl # show ip ospf database 




OSPF Router with ID (192.168.2.1) (Process ID 1) 


Router Link States (Area 0) 



Link ID 

ADV Router 

Age 

Seq# 

Checksum 

Link count 

172.17.0.1 

172.17.0.1 

56 

0x80000005 

0x385F 

5 


192.168.2.1 

192.168.2.1 

48 

0x80000005 

0xD3A9 

5 


192.168.3.1 

192.168.3.1 

46 

0x80000004 

0x87 B 

5 


Rl# 







R2 - Verification: 




R2 # show ip ospf neighbor 




Neighbor ID 

Pri State 

Dead Time 

Address 

Interface 

192.168.3.1 

0 FULL/ - 

00:00:39 

172.17.0.2 

Seria 10/0/0 

192.168.2.1 

0 FULL/ - 

00:00:32 

172.16.0.1 

Serial0/0/l 


R2 # 

R2 # show ip ospf database 

OSPF Router with ID (172.17.0.1) (Process ID 2) 


Router Link States (Area 0) 


Link ID 

ADV Router 

Age 

Seq# 

Checksum Link count 

172.17.0.1 

172.17.0.1 

56 

0x80000005 

0x385F 5 

192.168.2.1 

192.168.2.1 

48 

0x80000005 

0xD3A9 5 

192.168.3.1 

192.168.3.1 

46 

0x80000004 

0x87 B 5 


R2 # 
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R3 - Verification: 

R3 # show ip ospf neighbor 

Neighbor ID Pri State Dead Time Address Interface 

192.168.2.1 0 FULL/ - 00:00:38 172.18.0.2 Serial0/0 

172.17.0.1 0 FULL/ - 00:00:34 172.17.0.1 Serial0/1 

R3 # 


R3 # show ip ospf database 

OSPF Router with ID (192.168.3.1) (Process ID 3) 


Router Link States (Area 0) 


Link ID 

ADV Router 

Age 

Seq# 

Checksum 

Link count 

172.17.0.1 

172.17.0.1 

176 

0x80000005 

0x385F 

5 


192.168.2.1 

192.168.2.1 

169 

0x80000005 

0xD3A9 

5 


192.168.3.1 

192.168.3.1 

165 

0x80000004 

0x87 B 

5 



R3 # 

Verify OSPF Hello Packets 

Verify default behaviour of OSPF Hello packets by enabling debug commands 


Example - R2 

R2 # terminal monitor 
R2 # debug ip ospf hello 

OSPF hello events debugging is on 
R2# 

*Jul 22 20:00:44.967: OSPF: Rev hello from 192.168.3.1 area 0 from Serial0/0/0 172.17.0.2 
*Jul 22 20:00:44.967: OSPF: End of hello processing 

*Jul 22 20:00:46.011: OSPF: Send hello to 224.0.0.5 area 0 on GigabitEthernetO/O from 10.0.0.1 
*Jul 22 20:00:47.959: OSPF: Rev hello from 192.168.2.1 area 0 from Serial0/0/l 172.16.0.1 
*Jul 22 20:00:47.959: OSPF: End of hello processing 

*Jul 22 20:00:49.779: OSPF: Send hello to 224.0.0.5 area 0 on Serial0/0/0 from 172.17.0.1 

*Jul 22 20:00:51.263: OSPF: Send hello to 224.0.0.5 area 0 on Serial0/0/l from 172.16.0.2 

*Jul 22 20:00:54.967: OSPF: Rev hello from 192.168.3.1 area 0 from Serial0/0/0 172.17.0.2 
*Jul 22 20:00:54.967: OSPF: End of hello processing 

*Jul 22 20:00:55.279: OSPF: Send hello to 224.0.0.5 area 0 on GigabitEthernet0/0 from 10.0.0.1 
*Jul 22 20:00:57.959: OSPF: Rev hello from 192.168.2.1 area 0 from Serial0/0/l 172.16.0.1 
*Jul 22 20:00:57.959: OSPF: End of hello processing 

*Jul 22 20:00:59.011: OSPF: Send hello to 224.0.0.5 area 0 on Serial0/0/0 from 172.17.0.1 

*Jul 22 20:01:00.963: OSPF: Send hello to 224.0.0.5 area 0 on Serial0/0/l from 172.16.0.2 

R2 # 

R2 # undebug all 

R2 # terminal no monitor 
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Enable passive interface 

This command disables OSPF Hello packets from being sent on that interface. 


Example - R2 

R2# configure terminal 

Enter configuration commands, one per line. End with CNTL/Z. 

R2 (config) # router ospf 2 

R2 (config-router) # passive-interface Gigabitethernet 0/0 
R2 (config-router) # end 

R2 - Verification : 

After enabling above commands, again verify default behaviour of OSPF Hello packets by enabling 
debug commands. Now you will not able see the following line in the debug outputs. 

OSPF: Send hello to 224.0.0.5 area 0 on GigabitEthernetO/O from 10.0.0.1 

This means that you have successfully disabled sending of OSPF Hello packet on selected Interface. 
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LAB 8: OSPF ROUTING - Multiple Area 


OBJECTIVE: 

To configure OSPF with a backbone area (area 0) and multiple areas connected to the backbone. 


TOPOLOGY: 


Setup Ethernet and Serial connectivity for the lab as below : 



Interface IP Address / Mask 


GO/O 10.0.0.1/8 

SO/O/O 172.17.0.1/16 

S0/0/1 172.16.0.2/16 


Pre-requisite: WAN Interface configuration to be done on the router (LAB - 3) 
TASK: 

• Configure OSPF Routing with backbone area and multiple connected areas. 

• Verify OSPF Routing 

• Verify Communication between the networks 

• Verify OSPF Neighbour and Topology Table 
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Configure OSPF Routing with backbone area and multiple connected areas. 

Rl- Configuration 
R1 # configure terminal 

Enter configuration commands, one per line. End with CNTL/Z. 

Rl (config) # ip routing 
Rl (config) # router ospf 1 

Rl (config-router) # network 192.168.2.0 0.0.0.255 area 1 
Rl (config-router) # network 172.16.0.0 0.0.255.255 area 0 
Rl (config-router) # network 172.18.0.0 0.0.255.255 area 0 
Rl (config-router) # end 
Rl (config) # 

R2- Configuration 
R2 # configure terminal 

Enter configuration commands, one per line. End with CNTL/Z. 

R2 (config) # ip routing 
R2 (config) # router ospf 2 

R2 (config-router) # network 10.0.0.0 0.255.255.255 area 0 
R2 (config-router) # network 172.16.0.0 0.0.255.255 area 0 
R2 (config-router) # network 172.17.0.0 0.0.255.255 area 0 
R2 (config-router) # end 
R2 (config) # 

R3- Configuration 
R3 # configure terminal 

Enter configuration commands, one per line. End with CNTL/Z. 

R3 (config) # ip routing 
R3 (config) # router ospf 3 

R3 (config-router) # network 192.168.3.0 0.0.0.255 area 2 
R3 (config-router) # network 172.17.0.0 0.0.255.255 area 0 
R3 (config-router) # network 172.18.0.0 0.0.255.255 area 0 

R3 (config-router) # end 
R3 (config) # 
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Verify OSPF Routing 

Once OSPF routing is enabled, IP networks learned through OSPF are added into the routing table. 
"IA" represents OSPF Inter Area route. 


R1 - Verification : 

R1 # show ip route 

Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP 
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 
El - OSPF external type 1, E2 - OSPF external type 2, E - EGP 
i - IS-IS, LI - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area 
* - candidate default, U - per-user static route, o - ODR 
P - periodic downloaded static route 

Gateway of last resort is not set 

0 172.17.0.0/16 [110/128] via 172.16.0.2, 00:00:01, Serial0/0 

[110/128] via 172.18.0.1, 00:00:01, Serial0/1 
C 172.16.0.0/16 is directly connected, Serial0/0 
C 172.18.0.0/16 is directly connected, Serial0/1 
O 10.0.0.0/8 [110/65] via 172.16.0.2, 00:00:01, Serial0/0 
C 192.168.2.0/24 is directly connected, Ethernet0/0 
O IA 192.168.3.0/24 [110/65] via 172.18.0.1, 00:00:01, Serial0/1 
Rl# 


R2 - Verification : 

R2 # show ip route 

Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP 
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 
El - OSPF external type 1, E2 - OSPF external type 2 
i - IS-IS, su - IS-IS summary, LI - IS-IS level-1, L2 - IS-IS level-2 
ia - IS-IS inter area, * - candidate default, U - per-user static route 
o - ODR, P - periodic downloaded static route, H - NHRP, I - LISP 
+ - replicated route, % - next hop override 

Gateway of last resort is not set 

10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks 
C 10.0.0.0/8 is directly connected, GigabitEthernetO/O 
L 10.0.0.1/32 is directly connected, GigabitEthernet0/0 
172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks 
C 172.16.0.0/16 is directly connected, Serial0/0/l 

L 172.16.0.2/32 is directly connected, Serial0/0/l 
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172.17.0.0/16 is variably subnetted, 2 subnets, 2 masks 
C 172.17.0.0/16 is directly connected, Serial0/0/0 

L 172.17.0.1/32 is directly connected, Serial0/0/0 

O 172.18.0.0/16 [110/128] via 172.17.0.2, 00:00:51, Serial0/0/0 

[110/128] via 172.16.0.1, 00:01:55, Serial0/0/l 
O IA 192.168.2.0/24 [110/74] via 172.16.0.1, 00:01:55, Serial0/0/l 
O IA 192.168.3.0/24 [110/65] via 172.17.0.2, 00:01:01, Serial0/0/0 
R2 # 


R3 - Verification : 

R3 # show ip route 

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP 
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 
El - OSPF external type 1, E2 - OSPF external type 2 
i - IS-IS, su - IS-IS summary, LI - IS-IS level-1, L2 - IS-IS level-2 
ia - IS-IS inter area, * - candidate default, U - per-user static route 
o - ODR, P - periodic downloaded static route 

Gateway of last resort is not set 

C 172.17.0.0/16 is directly connected, Serial0/1 
O 172.16.0.0/16 [110/128] via 172.18.0.2, 00:01:48, Serial0/0 

[110/128] via 172.17.0.1, 00:01:48, Serial0/1 
C 172.18.0.0/16 is directly connected, Serial0/0 
O 10.0.0.0/8 [110/65] via 172.17.0.1, 00:01:48, Serial0/1 
O IA 192.168.2.0/24 [110/74] via 172.18.0.2, 00:01:48, Serial0/0 
C 192.168.3.0/24 is directly connected, FastEthernet0/0 
R3 # 
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Verify communication between the networks 


Verification from a Computer in R1 Network 

ping 10.0.0.10 

PING 10.0.0.10 (10.0.0.10) 56(84) bytes of data. 

64 bytes from 10.0.0.10: icmp_seq=l ttl=62 time=24.0 ms 
64 bytes from 10.0.0.10: icmp_seq=2 ttl=62 time=24.0 ms 
64 bytes from 10.0.0.10: icmp_seq=3 ttl=62 time=24.1 ms 
64 bytes from 10.0.0.10: icmp_seq=4 ttl=62 time=24.0 ms 


ping 192.168.3.10 

PING 192.168.3.10 (192.168.3.10) 56(84) bytes of data. 

64 bytes from 192.168.3.10: icmp_seq=25 ttl=62 time=24.1 ms 
64 bytes from 192.168.3.10: icmp_seq=26 ttl=62 time=24.1 ms 
64 bytes from 192.168.3.10: icmp_seq=27 ttl=62 time=24.3 ms 
64 bytes from 192.168.3.10: icmp_seq=28 ttl=62 time=24.2 ms 
64 bytes from 192.168.3.10: icmp_seq=29 ttl=62 time=24.2 ms 

Repeat the above ping verification from a computer in R2 and R3 Network. 
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Verify OSPF Neighbour and Database Table 


Rl- Verification: 


R1 # show ip ospf neighbor 


Neighbor ID Pri State Dead Time Address Interface 

172.17.0.1 1 FULL/ - 00:00:31 172.16.0.2 Serial0/0 

192.168.3.1 1 FULL/ - 00:00:34 172.18.0.1 Serial0/1 

Rl# 


Rl # show ip ospf database 


OSPF Router with ID (192.168.2.1) (Process ID 1) 

Router Link States (Area 0) 


Link ID 

ADV Router 

Age 

Seq# 

Checksum 

Link count 

172.17.0.1 

172.17.0.1 

161 

0x80000005 

0x385F 

5 

192.168.2.1 

192.168.2.1 

147 

0x80000005 

0xA35E 

4 

192.168.3.1 

192.168.3.1 

125 

0x80000004 

0xF20D 

4 


Summary Net Link States (Area 0) 



Link ID 

ADV Router 

Age 

Seq# 

Checksum 


192.168.2.0 

192.168.2.1 

586 

0x80000001 

0x655 


192.168.3.0 

192.168.3.1 

120 

0x80000001 

0x99C8 



Router Link States (Area 1) 



Link ID 

ADV Router 

Age 

Seq# 

Checksum 

Link count 

192.168.2.1 

192.168.2.1 

596 

0x80000001 

0x4B98 

1 


Summary Net Link States (Area 1) 



Link ID 

ADV Router 

Age 

Seq# 

Checksum 


10.0.0.0 

192.168.2.1 

379 

0x80000001 

0x7312 


172.16.0.0 

192.168.2.1 

364 

0x80000004 

0x6070 


172.17.0.0 

192.168.2.1 

145 

0x80000003 

0xD8B7 


172.18.0.0 

192.168.2.1 

116 

0x80000004 

0x4886 


192.168.3.0 

192.168.2.1 

121 

0x80000001 

0x23FF 


Rl# 
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R2- Verification: 


R2 # show ip ospf neighbor 


Neighbor ID Pri State Dead Time Address Interface 

192.168.3.1 0 FULL/ - 00:00:39 172.17.0.2 Serial0/0/0 

192.168.2.1 0 FULL/ - 00:00:32 172.16.0.1 Serial0/0/l 

R2 # 


R2 # show ip ospf database 

OSPF Router with ID (172.17.0.1) (Process ID 2) 


Router Link States (Area 0) 


Link ID 

ADV Router 

Age 

Seq# 

Checksum 

Link count 

172.17.0.1 

172.17.0.1 

56 

0x80000005 

0x385F 

5 

192.168.2.1 

192.168.2.1 

48 

0x80000005 

0xD3A9 

5 

192.168.3.1 

192.168.3.1 

46 

0x80000004 

0x87 B 

5 


Summary Net Link States (Area 0) 



Link ID 

ADV Router 

Age 

Seq# 

Checksum 


192.168.2.0 

192.168.2.1 

1179 

0x80000001 

0x000655 


192.168.3.0 

192.168.3.1 

713 

0x80000001 

0x0099C8 



R2 # 


R3 - Verification: 

R3 # show ip ospf neighbor 

Neighbor ID Pri State Dead Time Address Interface 

192.168.2.1 0 FULL/ - 00:00:38 172.18.0.2 Serial0/0 

172.17.0.1 0 FULL/ - 00:00:34 172.17.0.1 Serial0/1 

R3 # 


R3 # show ip ospf database 

OSPF Router with ID (192.168.3.1) (Process ID 3) 


Router Link States (Area 0) 


Link ID 

ADV Router 

Age 

Seq# 

Checksum 

Link count 

172.17.0.1 

172.17.0.1 

488 

0x80000006 

0x00D5C0 

5 


192.168.2.1 

192.168.2.1 

1465 

0x80000005 

0x00A35E 

4 


192.168.3.1 

192.168.3.1 

1441 

0x80000004 

0x00F20D 

4 
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Summary Net Link States (Area 0) 

Link ID ADV Router Age Seq# Checksum 

192.168.2.0 192.168.2.1 1904 0x80000001 0x000655 

192.168.3.0 192.168.3.1 1437 0x80000001 0x0099C8 


Router Link States (Area 2) 

Link ID ADV Router Age Seq# Checksum Link count 

192.168.3.1 192.168.3.1 1441 0x80000001 0x009F4A 1 


Summary Net Link States (Area 2) 


Link ID 

ADV Router 

Age 

Seq# 

Checksum 

10.0.0.0 

192.168.3.1 

1442 

0x80000001 

0x006C18 

172.16.0.0 

192.168.3.1 

1442 

0x80000001 

OxOOElBO 

172.17.0.0 

192.168.3.1 

1442 

0x80000001 

0x00537E 

172.18.0.0 

192.168.3.1 

1442 

0x80000001 

0x004789 

192.168.2.0 

192.168.3.1 

1443 

0x80000001 

0x008198 

R3# 
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LAB 9: OSPF ROUTING - DR (Designated Router) and BDR (Backup 

Designated Router) 


OBJECTIVE: 

To understand how a DR and BDR are elected when OPSF is configured on routers connected via 
Ethernet 

TOPOLOGY: 

Setup the routers for the lab as below: 



TASK: 

• Configure OSPF Routing 

• Verify OSPF Neighbour relationship (DR / BDR / DROTHER) 

• Understand OSPF DR and BDR Election 

• Change OSPF Priority to force a particular router to become the DR 
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Configure OSPF Routing 

Rl- Configuration 
R1 # configure terminal 

Enter configuration commands, one per line. End with CNTL/Z. 
Rl (config) # ip routing 
Rl (config) # router ospf 1 

Rl (config-router) # network 10.0.0.0 0.255.255.255 area 0 

Rl (config-router) # end 
Rl (config) # 

R2- Configuration 
R2 # configure terminal 

Enter configuration commands, one per line. End with CNTL/Z. 
R2 (config) # ip routing 
R2 (config) # router ospf 2 

R2 (config-router) # network 10.0.0.0 0.255.255.255 area 0 

R2 (config-router) # end 
R2 (config) # 

R3 - Configuration 
R3 # configure terminal 

Enter configuration commands, one per line. End with CNTL/Z. 
R3 (config) # ip routing 
R3 (config) # router ospf 3 

R3 (config-router) # network 10.0.0.0 0.255.255.255 area 0 

R3 (config-router) # end 
R3 (config) # 
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Verify OSPF Neighbour relationship (DR / BDR / DROTHER) 

By default, when OSPF is configured on a router on Ethernet, the first router becomes the DR. The 
router which is configured next becomes the BDR. 


R1 - Verification : 

R1 # show ip ospf neighbor 

Neighbor ID Pri State Dead Time Address Interface 

10.0. 0.3 1 FULL/DROTHER 00:00:36 10.0.0.3 Ethernet0/0 

10.0. 0.2 1 FULL/BDR 00:00:38 10.0.0.2 Ethernet0/0 

Rl# 


R2- Verification: 

R2 # show ip ospf neighbor 

Neighbor ID Pri State 

Dead Time 

Address 

Interface 

10.0.0.1 1 FULL/DR 

00:00:31 

10.0.0.1 

GigabitEthernet0/0 

10.0.0.3 1 FULL/DROTHER 

00:00:34 

10.0.0.3 

GigabitEthernetO/O 

R2 # 

R3 - Verification: 




R3 # show ip ospf neighbor 

Neighbor ID Pri State 

Dead Time 

Address 

Interface 

10.0.0.1 1 FULL/DR 

00:00:37 

10.0.0.1 

FastEthernet0/0 

10.0.0.2 1 FULL/BDR 

00:00:32 

10.0.0.2 

FastEthernet0/0 

R3 # 

Understand OSPF DR and BDR Election 




If OSPF is enabled on all the routers at the same time, by default, the router with the Highest Router 
ID will become DR and the one with the second Highest Router ID will become BDR. 


Clear OSPF process by giving the following command on all routers for the new election of DR and 
BDR. 

Router # clear ip ospf process 

Reset ALL OSPF processes? [no]: yes 
Router # 
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R1 - Verification : 

R1 # show ip ospf neighbor 


Neighbor ID Pri State 

Dead Time 

Address 

Interface 

10.0.0.3 1 FULL/DR 

00:00:36 

10.0.0.3 

Ethernet0/0 

10.0.0.2 1 FULL/BDR 

00:00:38 

10.0.0.2 

Ethernet0/0 

Rl# 

R2- Verification: 




R2 # show ip ospf neighbor 

Neighbor ID Pri State 

Dead Time 

Address 

Interface 

10.0.0.1 1 FULL/DROTHER 

00:00:31 

10.0.0.1 

GigabitEthernet0/0 

10.0.0.3 1 FULL/DR 

00:00:34 

10.0.0.3 

GigabitEthernetO/O 

R2 # 

R3 - Verification: 




R3 # show ip ospf neighbor 

Neighbor ID Pri State 

Dead Time 

Address 

Interface 

10.0.0.1 1 FULL/DROTHER 

00:00:37 

10.0.0.1 

FastEthernet0/0 

10.0.0.2 1 FULL/BDR 

00:00:32 

10.0.0.2 

FastEthernetO/O 

R3 # 

Change OSPF Prioritv to force a particular router to become the DR 


By changing the OSPF priority, we can force a router to become the DR. The router with the highest 
priority becomes the DR , the router with the second highest priority becomes the BDR. 

Rl- Configuration 

R1 (config) # interface Ethernet 0/0 
Rl (config-if) # ip ospf priority 150 
Rl (config-if) # A Z 
Rl# 

R2 - Configuration 

R2 (config) # interface Gigabitethernet 0/0 
R2 (config-if) # ip ospf priority 200 
R2 (config-if) # A Z 
R2 # 

R3- Configuration 

R3 (config) # interface Fastethernet 0/0 
R3 (config-if) # ip ospf priority 100 
R3 (config-if) # A Z 
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R3 # 

Clear OSPF process by giving the following command on all routers for the new election of DR and 
BDR. 

Router # clear ip ospf process 

Reset ALL OSPF processes? [no]: yes 
Router # 


R1 - Verification : 

R1 # show ip ospf neighbor 

Neighbor ID Pri State Dead Time Address Interface 

10.0. 0.3 100 FULL/DROTHER 00:00:36 10.0.0.3 Ethernet0/0 

10.0. 0.2 200 FULL/DR 00:00:38 10.0.0.2 Ethernet0/0 

Rl# 

R1 # show ip ospf interface ethernet 0/0 

Ethernet0/0 is up, line protocol is up 
Internet Address 10.0.0.1/8, Area 0 

Process ID 1, Router ID 10.0.0.1, Network Type BROADCAST, Cost: 10 
Transmit Delay is 1 sec, State BDR, Priority 150 
Designated Router (ID) 10.0.0.2, Interface address 10.0.0.2 
Backup Designated router (ID) 10.0.0.1, Interface address 10.0.0.1 
Timer intervals configured. Hello 10, Dead 40, Wait 40, Retransmit 5 
Hello due in 00:00:01 
Index 1/1, flood queue length 0 
Next 0x0(0)/0x0(0) 

Last flood scan length is 0, maximum is 2 
Last flood scan time is 0 msec, maximum is 0 msec 
Neighbor Count is 2, Adjacent neighbor count is 2 
Adjacent with neighbor 10.0.0.3 
Adjacent with neighbor 10.0.0.2 (Designated Router) 

Suppress hello for 0 neighbor(s) 

Rl# 


R2 - Verification : 

R2 # show ip ospf neighbor 

Neighbor ID Pri State Dead Time Address Interface 

10.0. 0.1 150 FULL/BDR 00:00:31 10.0.0.1 GigabitEthernetO/O 

10.0. 0.3 100 FULL/DROTHER 00:00:34 10.0.0.3 GigabitEthernet0/0 

R2 # 
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R2 # show ip ospf interface gigabitethernet 0/0 

GigabitEthernetO/O is up, line protocol is up 
Internet Address 10.0.0.2/8, Area 0 

Process ID 2, Router ID 10.0.0.2, Network Type BROADCAST, Cost: 1 
Topology-MTID Cost Disabled Shutdown Topology Name 
0 1 no no Base 

Transmit Delay is 1 sec, State DR, Priority 200 
Designated Router (ID) 10.0.0.2, Interface address 10.0.0.2 
Backup Designated router (ID) 10.0.0.1, Interface address 10.0.0.1 
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5 
oob-resync timeout 40 
Hello due in 00:00:02 
Next 0x0(0)/0x0(0) 

Last flood scan length is 1, maximum is 3 
Last flood scan time is 0 msec, maximum is 4 msec 
Neighbor Count is 2, Adjacent neighbor count is 2 
Adjacent with neighbor 10.0.0.1 (Backup Designated Router) 

Adjacent with neighbor 10.0.0.3 
Suppress hello for 0 neighbor(s) 

R2# 

R3 - Verification : 

R3 # show ip ospf neighbor 

Neighbor ID Pri State Dead Time Address Interface 

10.0. 0.1 1 FULL/BDR 00:00:37 10.0.0.1 FastEthernet0/0 

10.0. 0.2 1 FULL/DR 00:00:32 10.0.0.2 FastEthernet0/0 

R3 # 


R3 # show ip ospf interface fastethernet 0/0 

FastEthernet0/0 is up, line protocol is up 
Internet Address 10.0.0.3/8, Area 0 

Process ID 1, Router ID 10.0.0.3, Network Type BROADCAST, Cost: 1 
Transmit Delay is 1 sec. State DROTHER, Priority 100 
Designated Router (ID) 10.0.0.2, Interface address 10.0.0.2 
Backup Designated router (ID) 10.0.0.1, Interface address 10.0.0.1 
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5 
oob-resync timeout 40 
Hello due in 00:00:09 
Supports Link-local Signaling (LLS) 

Index 1/1, flood queue length 0 
Next 0x0(0)/0x0(0) 

Last flood scan length is 0, maximum is 3 
Last flood scan time is 0 msec, maximum is 4 msec 
Neighbor Count is 2, Adjacent neighbor count is 2 
Adjacent with neighbor 10.0.0.1 (Backup Designated Router) 
Adjacent with neighbor 10.0.0.2 (Designated Router) 

Suppress hello for 0 neighbor(s) 

R3# 
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LAB 10: STANDARD ACCESS CONTROL LIST 


OBJECTIVE: 

To configure and implement access-list on R2 such that 192.168.2.10 should not communicate with 
10.0.0.0 network 


TOPOLOGY: 


Configure Ethernet and Serial IP addresses for the lab as below : 



Interface IP Address / Mask 


GO/O 10.0.0.1/8 

S0/0/0 172.17.0.1/16 

S0/0/1 172.16.0.2/16 


Pre-requisite: WAN Interface and Routing configuration to be done on the router (LAB - 3 and 4) 

TASK: 

• Verify communication between computers / networks before configuring the access list 

• Configure and implement Standard ACL 

• Verify blocked communication between computers / networks specified in ACL 
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Verify communication between computers / networks before configuring the access list 


From 192.168.2.10 Computer in R1 Network 

ping 10.0.0.10 

PING 10.0.0.10 (10.0.0.10) 56(84) bytes of data. 

64 bytes from 10.0.0.10: icmp_seq=l ttl=62 time=24.0 ms 
64 bytes from 10.0.0.10: icmp_seq=2 ttl=62 time=24.0 ms 
64 bytes from 10.0.0.10: icmp_seq=3 ttl=62 time=24.1 ms 
64 bytes from 10.0.0.10: icmp_seq=4 ttl=62 time=24.0 ms 


ping 192.168.3.10 

PING 192.168.3.10 (192.168.3.10) 56(84) bytes of data. 

64 bytes from 192.168.3.10: icmp_seq=25 ttl=62 time=24.1 ms 
64 bytes from 192.168.3.10: icmp_seq=26 ttl=62 time=24.1 ms 
64 bytes from 192.168.3.10: icmp_seq=27 ttl=62 time=24.3 ms 
64 bytes from 192.168.3.10: icmp_seq=28 ttl=62 time=24.2 ms 
64 bytes from 192.168.3.10: icmp_seq=29 ttl=62 time=24.2 ms 

From 192.168.2.20 computer in R1 Network 

ping 10.0.0.10 

PING 10.0.0.10 (10.0.0.10) 56(84) bytes of data. 

64 bytes from 10.0.0.10: icmp_seq=l ttl=62 time=24.0 ms 
64 bytes from 10.0.0.10: icmp_seq=2 ttl=62 time=24.0 ms 
64 bytes from 10.0.0.10: icmp_seq=3 ttl=62 time=24.1 ms 
64 bytes from 10.0.0.10: icmp_seq=4 ttl=62 time=24.0 ms 


ping 192.168.3.10 

PING 192.168.3.10 (192.168.3.10) 56(84) bytes of data. 

64 bytes from 192.168.3.10: icmp_seq=25 ttl=62 time=24.1 ms 
64 bytes from 192.168.3.10: icmp_seq=26 ttl=62 time=24.1 ms 
64 bytes from 192.168.3.10: icmp_seq=27 ttl=62 time=24.3 ms 
64 bytes from 192.168.3.10: icmp_seq=28 ttl=62 time=24.2 ms 
64 bytes from 192.168.3.10: icmp_seq=29 ttl=62 time=24.2 ms 
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Configure and Implement Standard ACL 

R2- Configuration 
R2 # configure terminal 

Enter configuration commands, one per line. End with CNTL/Z. 
R2 (config) # access-list 1 deny 192.168.2.10 0.0.0.0 
R2 (config) # access-list 1 permit any 


R2 (config) # interface gigabitEthernet 0/0 
R2 (config-if) # ip access-group 1 out 
R2 (config-if) # exit 


R2 - Verification : 

R2 # show ip access-lists 
Standard IP access list 1 
10 deny 192.168.2.10 
20 permit any 
R2# 

R2 # show ip interface gigabitEthernet 0/0 

GigabitEthernet0/0 is up, line protocol is up 
Internet address is 10.0.0.1/8 
Broadcast address is 255.255.255.255 
Address determined by setup command 
MTU is 1500 bytes 
Helper address is not set 
Directed broadcast forwarding is disabled 
Outgoing access list is 1 
Inbound access list is not set 
Proxy ARP is enabled 
Local Proxy ARP is disabled 
Security level is default 
Split horizon is enabled 
! 

coutput omitted> 

! 

WCCP Redirect outbound is disabled 
WCCP Redirect inbound is disabled 
WCCP Redirect exclude is disabled 
R2# 
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Verify blocked communication between computers / networks specified in ACL 


From 192.168.2.10 computer in R1 Network 

ping 10.0.0.10 


PING 10.0.0.10 (10.0.0.10) 56(84) bytes of data. 
From 10.0.0.1 icmp_seq=l Packet filtered 
From 10.0.0.1 icmp_seq=2 Packet filtered 
From 10.0.0.1 icmp_seq=3 Packet filtered 
From 10.0.0.1 icmp_seq=4 Packet filtered 
From 10.0.0.1 icmp_seq=5 Packet filtered 


ping 192.168.3.10 

PING 192.168.3.10 (192.168.3.10) 56(84) bytes of data. 

64 bytes from 192.168.3.10: icmp_seq=25 ttl=62 time=24.1 ms 
64 bytes from 192.168.3.10: icmp_seq=26 ttl=62 time=24.1 ms 
64 bytes from 192.168.3.10: icmp_seq=27 ttl=62 time=24.3 ms 
64 bytes from 192.168.3.10: icmp_seq=28 ttl=62 time=24.2 ms 
64 bytes from 192.168.3.10: icmp_seq=29 ttl=62 time=24.2 ms 

From 192.168.2.20 computer in R1 Network 

ping 10.0.0.10 

PING 10.0.0.10 (10.0.0.10) 56(84) bytes of data. 

64 bytes from 10.0.0.10: icmp_seq=l ttl=62 time=24.0 ms 
64 bytes from 10.0.0.10: icmp_seq=2 ttl=62 time=24.0 ms 
64 bytes from 10.0.0.10: icmp_seq=3 ttl=62 time=24.1 ms 
64 bytes from 10.0.0.10: icmp_seq=4 ttl=62 time=24.0 ms 


ping 192.168.3.10 


PING 192.168.3.10 (192.168.3.10) 56(84) bytes of data. 


64 bytes from 192.168.3.10: 
64 bytes from 192.168.3.10: 
64 bytes from 192.168.3.10: 
64 bytes from 192.168.3.10: 
64 bytes from 192.168.3.10: 


cmp_seq=25 ttl=62 time=24.1 
cmp_seq=26 ttl=62 time=24.1 
cmp_seq=27 ttl=62 time=24.3 
cmp_seq=28 ttl=62 time=24.2 
cmp_seq=29 ttl=62 time=24.2 


ms 

ms 

ms 

ms 

ms 
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LAB 11: EXTENDED ACCESS CONTROL LIST 


OBJECTIVE: 

Deny R2 Network (i.e. 10.0.0.0/8) from accessing HTTP server (i.e. 192.168.3.10) in R3 Network and 
also deny ping to R1 Network (i.e. 192.168.2.0/24) 


TOPOLOGY: 


Configure Ethernet and Serial IP addresses for the lab as below : 



Interface IP Address / Mask 


GO/O 10.0.0.1/8 

S0/0/0 172.17.0.1/16 

S0/0/1 172.16.0.2/16 


Pre-requisite: WAN Interface and Routing configuration to be done on the router (LAB - 3 and 4) 

TASK: 

• Verify services and communication between computers / networks before configuring the 
extended access list. 

• Configure and implement Extended ACL 

• Verify blocked services and communication between computers / networks specified in ACL 
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Verify services and communication between computers / networks before configuring the 

Extended Access List 


From 10.0.0.10 Computer in R2 Network 

ping 192.168.2.10 


PING 192.168.2.10(192.168 
64 bytes from 192.168.2.10 
64 bytes from 192.168.2.10 
64 bytes from 192.168.2.10 
64 bytes from 192.168.2.10 
64 bytes from 192.168.2.10 


2.10) 56(84) bytes of data. 
cmp_seq=l ttl=62 time=24.2 
cmp_seq=2 ttl=62 time=24.1 
cmp_seq=3 ttl=62 time=24.1 
cmp_seq=4 ttl=62 time=24.1 
cmp_seq=5 ttl=62 time=24.1 


ms 

ms 

ms 

ms 

ms 


ping 192.168.3.10 

PING 192.168.3.10 (192.168.3.10) 56(84) bytes of data. 

64 bytes from 192.168.3.10: icmp_seq=25 ttl=62 time=24.1 ms 
64 bytes from 192.168.3.10: icmp_seq=26 ttl=62 time=24.1 ms 
64 bytes from 192.168.3.10: icmp_seq=27 ttl=62 time=24.3 ms 
64 bytes from 192.168.3.10: icmp_seq=28 ttl=62 time=24.2 ms 
64 bytes from 192.168.3.10: icmp_seq=29 ttl=62 time=24.2 ms 

Try to access HTTP Server via browser (i.e. http://192.168.3.10) 

You should able to see Test web page, indicates http service is allowed. 
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Configure and Implement Extended ACL 


R2- Configuration 
R2 # configure terminal 

Enter configuration commands, one per line. End with CNTL/Z. 

R2 (config) # access-list 101 deny tcp 10.0.0.0 0.255.255.255 192.168.3.10 0.0.0.0 eq www 
R2 (config) # access-list 101 deny icmp 10.0.0.0 0.255.255.255 192.168.2.0 0.0.0.255 echo 
R2 (config) # access-list 101 permit ip any any 


R2 (config) # interface gigabitEthernet 0/0 
R2 (config-if) # ip access-group 101 in 
R2 (config-if) # exit 


R2 - Verification : 

R2 # show ip access-lists 

Extended IP access list 101 

10 deny tcp 10.0.0.0 0.255.255.255 host 192.168.3.10 eq www (5 matches) 

20 deny icmp 10.0.0.0 0.255.255.255 192.168.2.0 0.0.0.255 echo (10 matches) 
30 permit ip any any (87 matches) 

R2# 

R2 # show ip interface gigabitEthernet 0/0 

GigabitEthernet0/0 is up, line protocol is up 
Internet address is 10.0.0.1/8 
Broadcast address is 255.255.255.255 
Address determined by setup command 
MTU is 1500 bytes 
Helper address is not set 
Directed broadcast forwarding is disabled 
Multicast reserved groups joined: 224.0.0.5 224.0.0.6 
Outgoing access list is not set 

Inbound access list is 101 
Proxy ARP is enabled 
Local Proxy ARP is disabled 
Security level is default 
Split horizon is enabled 
! 

<output omitted> 

! 

WCCP Redirect outbound is disabled 
WCCP Redirect inbound is disabled 
WCCP Redirect exclude is disabled 

R2# 
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Verify blocked services and communication between computers / networks specified in 


ACL 


From 10.0.0.10 Computer in R2 Network 

ping 192.168.2.10 

PING 192.168.2.10 (192.168.2.10) 56(84) bytes of data. 

From 10.0.0.1 icmp_seq=l Packet filtered 

From 10.0.0.1 icmp_seq=2 Packet filtered 

From 10.0.0.1 icmp_seq=3 Packet filtered 

From 10.0.0.1 icmp_seq=4 Packet filtered 

From 10.0.0.1 icmp_seq=5 Packet filtered 


ping 192.168.3.10 

PING 192.168.3.10 (192.168.3.10) 56(84) bytes of data. 

64 bytes from 192.168.3.10: icmp_seq=25 ttl=62 time=24.1 ms 
64 bytes from 192.168.3.10: icmp_seq=26 ttl=62 time=24.1 ms 
64 bytes from 192.168.3.10: icmp_seq=27 ttl=62 time=24.3 ms 
64 bytes from 192.168.3.10: icmp_seq=28 ttl=62 time=24.2 ms 
64 bytes from 192.168.3.10: icmp_seq=29 ttl=62 time=24.2 ms 

Try to access HTTP Server via browser (i.e. http://192.168.3.10) 

You should not able to see Test web page, indicates http service is blocked. 
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LAB 12: INITIAL CONFIGURATION OF SWITCH 


OBJECTIVE: 

To get familiar with Cisco Switch IOS modes and configure a New Switch with basic configuration i.e. 
assigning management IP address to the switch and configure passwords etc. 


TOPOLOGY: 


Setup console and ethernet connectivity for the lab as below : 

Console 


Switch 


x 

Vlan 1 S 

192.168.20.50/24^ 

\ 

\ 
I 
I 
I 
/ 

/ 

/ 

/ 

✓ 



TASK: 


Computer IP Address 
192.168.20.10 


• Establish console connectivity 

• Access switch via console with an emulation software 

• Get familiar with Cisco Switch IOS Modes and Show commands 

• Configure Hostname and VLAN 1 Interface IP address 

• Configure Connectivity Passwords 

• Configure Privilege Mode / Enable Password 

• Save configuration on the switch 

• Access the Switch via Telnet 
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Establish console connectivity 

Establish console connectivity by connecting switch console port to PC Com Port with console cable. 


Access switch via console with an emulation software 

Configure the following parameters in emulation software for accessing switch via console port. 


Parameters 

Console Port Settings 

Baud 

9600 

Data bits 

8 

Parity 

None 

Stop bits 

1 


Accessing switch via console from Microsoft Windows Computer 

• Start a terminal emulator application, such as PUTTY.exe 

• Select Serial option and set speed to 9600. 

• Click Open 



• Once emulation software is ready, Power-ON the switch. 

Accessing switch via console from Linux Computer 

• From the terminal enter the below command 

# minicom 

• Once emulation software is ready, Power-ON the Switch. 
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Getting familiar with Cisco Switch IQS Modes and show commands 


After the switch boots-up completely, (on a new Cisco Switch) it enters user mode as below: 


Switch> 


To navigate into Privilege mode/Executive Mode from User Mode 

Switch >enable 
Switch # 

To view switch IOS and hardware information 
Switch # show version 

Cisco Internetwork Operating System Software 

IOS (tm) C2950 Software (C2950-I6Q4L2-M), Version 12.1(22)EA6, RELEASE SOFTWARE (fcl) 
Copyright (c) 1986-2005 by cisco Systems, Inc. 

Compiled Fri 21-0ct-05 01:59 by yenanh 

Image text-base: 0x80010000, data-base: 0x80568000 

ROM: Bootstrap program is C2950 boot loader 

Switch uptime is 4 minutes 

System returned to ROM by power-on 

System image file is M flash:/c2950-i6q4l2-mz. 121-22. EA6.bin" 

cisco WS-C2950-24 (RC32300) processor (revision GO) with 21013K bytes of memory. 

Processor board ID FOC0638Z0TB 

Last reset from system-reset 

Running Standard Image 

24 FastEthernet/IEEE 802.3 interface(s) 

32K bytes of flash-simulated non-volatile configuration memory. 

Base ethernet MAC Address: 00:0A:F4:C5:94:C0 
Motherboard assembly number: 73-5781-11 
Power supply part number: 34-0965-01 
Motherboard serial number: FOC06380AZK 
Power supply serial number: DAB06347236 
Model revision number: GO 
Motherboard revision number: A0 


Model number: WS-C2950-24 

System serial number: FOCO 

638Z0TB 

Configuration register is OxF 


To view switch flash Information 
Switch # show flash 

Directory of flash:/ 

1 -rwx 3110758 Mar 01 1993 08:30:59 +00:00 c2950-i6q4l2-mz.l21-22.EA6.bin 

2 -rwx 564 Mar 01 1993 00:00:28 +00:00 vlan.dat 
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7741440 bytes total (4628480 bytes free) 
Switch # 


To view switch current configuration (RAM) 

Switch # show running-config 

Building configuration... 

Current configuration : 1071 bytes 
! 

version 12.1 
no service pad 

service timestamps debug uptime 
service timestamps log uptime 
no service password-encryption 
! 

hostname Switch 
! 

spanning-tree mode pvst 
no spanning-tree optimize bpdu transmission 
spanning-tree extend system-id 
! 

interface FastEthernetO/1 
! 

interface FastEthernetO/2 
! 

<output omitted> 

! 

interface FastEthernetO/23 
! 

interface FastEthernetO/24 
! 

interface Vlanl 
no ip address 
no ip route-cache 
shutdown 

! 

ip http server 
! 

line con 0 
line vty 5 15 
! 

end 

Switch # 

To view switch startup configuration (NVRAM) 
Switch # show startup-config 
startup-config is not present 
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To view detailed interface information (i.e. Vlan, interface status, etc.) 
Switch # show interface status 


Port Name 

FaO/1 

FaO/2 

Fa 0/3 

Fa 0/4 

Fa 0/5 

Fa 0/6 

Fa 0/7 

Fa 0/8 

Fa 0/9 

Fa0/10 

Fa0/ll 

FaO/12 

FaO/13 

FaO/14 

FaO/15 

FaO/16 

FaO/17 

FaO/18 

FaO/19 

Fa0/20 

Fa0/21 

Fa0/22 

Fa0/23 

FaO/24 

Switch # 


Status 

Vlan 

Duplex Speed Type 

connected 

1 

a-full 

a-100 10/100BaseTX 

connected 

1 

a-full 

a-100 10/100BaseTX 

connected 

1 

a-full 

a-100 10/100BaseTX 

connected 

1 

a-full 

a-100 10/100BaseTX 

connected 

1 

a-full 

a-100 10/100BaseTX 

notconnect 

1 

auto 

auto 10/100BaseTX 

notconnect 

1 

auto 

auto 10/100BaseTX 

notconnect 

1 

auto 

auto 10/100BaseTX 

notconnect 

1 

auto 

auto 10/100BaseTX 

connected 

1 

a-half 

a-10 10/100BaseTX 

connected 

1 

a-half 

a-10 10/100BaseTX 

connected 

1 

a-half 

a-10 10/100BaseTX 

connected 

1 

a-half 

a-10 10/100BaseTX 

notconnect 

1 

auto 

auto 10/100BaseTX 

notconnect 

1 

auto 

auto 10/100BaseTX 

notconnect 

1 

auto 

auto 10/100BaseTX 

notconnect 

1 

auto 

auto 10/100BaseTX 

notconnect 

1 

auto 

auto 10/100BaseTX 

notconnect 

1 

auto 

auto 10/100BaseTX 

notconnect 

1 

auto 

auto 10/100BaseTX 

notconnect 

1 

auto 

auto 10/100BaseTX 

notconnect 

1 

auto 

auto 10/100BaseTX 

notconnect 

1 

auto 

auto 10/100BaseTX 

notconnect 

1 

auto 

auto 10/100BaseTX 


To view Mac Address Table 
Switch # show mac-address-table 

Mac Address Table 


Vlan 

Mac Address 

Type 

Ports 

All 

000a.f4c5.94c0 

STATIC 

CPU 

All 

0100.0ccc.cccc 

STATIC 

CPU 

All 

0100.0ccc.cccd 

STATIC 

CPU 

All 

0100.0cdd.dddd 

STATIC 

CPU 

1 

0002.4b60.dl00 

DYNAMIC 

FaO/13 

1 

0002.fd73.7f20 

DYNAMIC 

FaO/11 

1 

0010.7bb3.6f20 

DYNAMIC 

FaO/12 

1 

001c.c012.4f54 

DYNAMIC 

Fa 0/4 

1 

0030.9476.fl60 

DYNAMIC 

Fa0/10 


Total Mac Addresses for this criterion: 5 


Switch # 
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Configure Hostname and VLAN 1 Interface IP address 


To change the Host Name of Switch 

Switch # configure terminal 
Switch (config) # hostname SW1 
SW1 (config) # 


To configure IP address on Interface VLAN 1 
SW1 (config) # interface vlan 1 

SW1 (config-if) # ip address 192.168.20.50 255.255.255.0 
SW1 (config-if) # no shutdown 
SW1 (config-if) #exit 

Configure Connectivity Passwords 

To configure telnet password 

SW1 (config) # line vty 0 15 
SW1 (config-line) # password zoom 
SW1 (config-line) #login 
SW1 (config-line) #exit 

To configure console password 

SW1 (config) # line console 0 
SW1 (config-line) # password zoom 
SW1 (config-line) #login 
SW1 (config-line) # exit 

Configure Privilege Mode / Enable Password 


Configure privilege password 

SW1 (config) #enable password ccna 
SW1 (config) #enable secret zoom 
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Save configuration on the switch 


To save configuration on switch 

SWl#copy running-config startup-config 

Destination filename [startup-config]? 
Building configuration... 

[OK] 

SW1# 


To view switch startup configuration (NVRAM) 

SW1 # show startup-config 

Building configuration... 

Current configuration : 1230 bytes 
! 

version 12.1 
no service pad 

service timestamps debug uptime 
service timestamps log uptime 
no service password-encryption 
! 

hostname SW1 
! 

enable secret 5 $l$R2we$Mk0jdo9UpDLlT7kqcKHhkl 
enable password ccna 
! 

ip subnet-zero 
! 

spanning-tree mode pvst 
no spanning-tree optimize bpdu transmission 
spanning-tree extend system-id 
! 

interface FastEthernetO/1 
! 

interface FastEthernetO/2 


<output omitted> 

! 

interface FastEthernetO/23 
! 

interface FastEthernetO/24 
! 

interface Vlanl 

ip address 192.168.20.50 255.255.255.0 
no ip route-cache 

! 
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ip http server 
! 

line con 0 
password zoom 
login 

line vty 0 4 
password zoom 
login 

line vty 5 15 
password zoom 
login 

! 

! 

end 

Access the Switch via Telnet 

• Access switch via telnet by giving the following command on a Windows or Linux computer. 

telnet 192.168.20.50 
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LAB 13: VLAN AND TRUNKING 


OBJECTIVE: 

To configure VLANs and trunking in a switched network. 


TOPOLOGY: 


Setup Switch and Computer connectivity for the lab as below: 



SW1 - 192.168.20.50 


Sales 


VLAN 


PC16 


TASK: 

• Verify communication between the computers connected to same as well as a different 
switch. 

• Verify Default VLAN information 

• Configure and Implement VLANs 

• Verify communication between the computers connected to same switch. 

• Configure Trunking 

• Verify communication between the computers connected to different switches. 
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Verify communication between the computers connected to same and different switches 


From 192.168.20.1 computer (i.e. PCI) ping computers on the same switch 

ping 192.168.20.2 

PING 192.168.20.2 (192.168.20.2) 56(84) bytes of data. 

64 bytes from 192.168.20.2: icmp_seq=l ttl=62 time=24.0 ms 
64 bytes from 192.168.20.2: icmp_seq=2 ttl=62 time=24.0 ms 
64 bytes from 192.168.20.2: icmp_seq=3 ttl=62 time=24.1 ms 
64 bytes from 192.168.20.2: icmp_seq=4 ttl=62 time=24.0 ms 

ping 192.168.20.3 

PING 192.168.20.3 (192.168.20.3) 56(84) bytes of data. 

64 bytes from 192.168.20.3: icmp_seq=l ttl=62 time=24.0 ms 
64 bytes from 192.168.20.3: icmp_seq=2 ttl=62 time=24.0 ms 
64 bytes from 192.168.20.3: icmp_seq=3 ttl=62 time=24.1 ms 
64 bytes from 192.168.20.3: icmp_seq=4 ttl=62 time=24.0 ms 

ping 192.168.20.5 

PING 192.168.20.5 (192.168.20.5) 56(84) bytes of data. 

64 bytes from 192.168.20.5: icmp_seq=l ttl=62 time=24.0 ms 
64 bytes from 192.168.20.5: icmp_seq=2 ttl=62 time=24.0 ms 
64 bytes from 192.168.20.5: icmp_seq=3 ttl=62 time=24.1 ms 
64 bytes from 192.168.20.5: icmp_seq=4 ttl=62 time=24.0 ms 

From 192.168.20.1 computer (i.e. PCI) ping computers on the other switch 

ping 192.168.20.12 

PING 192.168.20.12 (192.168.20.12) 56(84) bytes of data. 

64 bytes from 192.168.20.12: icmp_seq=l ttl=62 time=24.0 ms 
64 bytes from 192.168.20.12: icmp_seq=2 ttl=62 time=24.0 ms 
64 bytes from 192.168.20.12: icmp_seq=3 ttl=62 time=24.1 ms 
64 bytes from 192.168.20.12: icmp_seq=4 ttl=62 time=24.0 ms 

ping 192.168.20.13 

PING 192.168.20.13 (192.168.20.13) 56(84) bytes of data. 

64 bytes from 192.168.20.13: icmp_seq=l ttl=62 time=24.0 ms 
64 bytes from 192.168.20.13: icmp_seq=2 ttl=62 time=24.0 ms 
64 bytes from 192.168.20.13: icmp_seq=3 ttl=62 time=24.1 ms 
64 bytes from 192.168.20.13: icmp_seq=4 ttl=62 time=24.0 ms 
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ping 192.168.20.15 

PING 192.168.20.15 (192.168.20.15) 56(84) bytes of data. 

64 bytes from 192.168.20.15: icmp_seq=l ttl=62 time=24.0 ms 
64 bytes from 192.168.20.15: icmp_seq=2 ttl=62 time=24.0 ms 
64 bytes from 192.168.20.15: icmp_seq=3 ttl=62 time=24.1 ms 
64 bytes from 192.168.20.15: icmp_seq=4 ttl=62 time=24.0 ms 


Verify Default VLAN information 


To view existing VLAN and port assigned to VLAN 
SW1 - Verification : 

SW1 # show vlan brief 

VLAN Name Status Ports 


1 default active Fa0/1, FaO/2, FaO/3, FaO/4, FaO/5, FaO/6, FaO/7, FaO/8, FaO/9, 

Fa0/10, Fa0/ll, FaO/12, FaO/13, FaO/14, FaO/15, FaO/16, FaO/17, 
FaO/18, FaO/19, Fa0/20, FaO/21, FaO/22, FaO/23,FaO/24 

1002 fddi-default act/unsup 

1003 trcrf-default act/unsup 

1004 fddinet-default act/unsup 

1005 trbrf-default act/unsup 

SW1# 

SW2- Verification : 

SW2 # show vlan brief 

VLAN Name Status Ports 


1 default active Fa0/1, Fa0/2, Fa0/3, FaO/4, Fa0/5, FaO/6, FaO/7, Fa0/8 ; FaO/9, 

Fa0/10 ; Fa0/ll, Fa0/12 ; FaO/13, FaO/14, FaO/15, FaO/16, FaO/17, 
Fa0/18 ; FaO/19, FaO/20, Fa0/21, Fa0/22, FaO/23 ; FaO/24 

1002 fddi-default act/unsup 

1003 trcrf-default act/unsup 

1004 fddinet-default act/unsup 

1005 trbrf-default act/unsup 

SW2 # 
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Configure and Implement VLAN 


SW1 - Configuration 
SW1 #configure terminal 

Enter configuration commands, one per line. End with CNTL/Z. 

SW1 (config) # vlan 10 

SW1 (config-vlan) # name SALES 

SW1 (config-vlan) #exit 

SW1 (config) # vlan 20 

SW1 (config-vlan) # name MKTG 

SW1 (config-vlan) #exit 

SW1 (config) # 


SW1 (config) # interface range fastethernet 0/1 -2 
SW1 (config-if-range) # switchport mode access 
SW1 (config-if-range) # switchport access vlan 10 
SW1 (config-if-range) # exit 
SWl(config) # 

SW1 (config) # interface range fastethernet 0/5 -6 
SW1 (config-if-range) # switchport mode access 
SW1 (config-if-range) # switchport access vlan 20 
SW1 (config-if-range) # exit 


SW2 - Configuration 
SW2 # configure terminal 

Enter configuration commands, one per line. End with CNTL/Z. 

SW2 (config) # vlan 10 

SW2 (config-vlan) # name SALES 

SW2 (config-vlan) #exit 

SW2 (config) # vlan 20 

SW2 (config-vlan) # name MKTG 

SW2 (config-vlan) #exit 

SW2 (config) # 

SW2 (config) # interface range fastethernet 0/1 -2 
SW2 (config-if-range) # switchport mode access 
SW2 (config-if-range) # switchport access vlan 10 
SW2 (config-if-range) # exit 
SW2(config) # 

SW2 (config) # interface range fastethernet 0/5 -6 
SW2 (config-if-range) # switchport mode access 
SW2 (config-if-range) # switchport access vlan 20 
SW2 (config-if-range) # exit 
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To view existing VLAN and port assigned to VLAN 
SW1 - Verification: 


SW1 # show vlan brief 


VLAN Name Status Ports 


1 default active FaO/3, FaO/4, FaO/7, FaO/8, FaO/9, FaO/lO, FaO/11, FaO/12, FaO/13, 

Fa0/14 ; FaO/15, Fa0/16 ; FaO/17, FaO/18, FaO/19, Fa0/20, FaO/21, 
Fa0/22 ; FaO/23, FaO/24 
10 SALES active Fa0/1, FaO/2 

20 MKTG active FaO/5, FaO/6 

1002 fddi-default act/unsup 

1003 trcrf-default act/unsup 

1004 fddinet-default act/unsup 

1005 trbrf-default act/unsup 

SW1# 

SW2- Verification : 

SW2 # show vlan brief 


VLAN Name 

Status Ports 

1 default 

active FaO/3, FaO/4, FaO/7, FaO/8, FaO/9, FaO/lO, FaO/11, FaO/12, FaO/13, 

Fa 0/14, FaO/15, Fa0/16, FaO/17, FaO/18, FaO/19, Fa0/20, FaO/21, 
FaO/22, FaO/23, FaO/24 

10 SALES 

active Fa0/1, Fa0/2 

20 MKTG 

active FaO/5, FaO/6 

1002 fddi-default 

act/unsup 

1003 trcrf-default 

act/unsup 

1004 fddinet-default 

act/unsup 

1005 trbrf-default 

SW2 # 

act/unsup 
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Verify communication between the computers connected to same switch. 


From 192.168.20.1 computer fi.e. PCI) 

ping 192.168.20.2 

PING 192.168.20.2 (192.168.20.2) 56(84) bytes of data. 

64 bytes from 192.168.20.2: icmp_seq=l ttl=62 time=24.0 ms 
64 bytes from 192.168.20.2: icmp_seq=2 ttl=62 time=24.0 ms 
64 bytes from 192.168.20.2: icmp_seq=3 ttl=62 time=24.1 ms 
64 bytes from 192.168.20.2: icmp_seq=4 ttl=62 time=24.0 ms 

ping 192.168.20.3 

PING 192.168.20.3 (192.168.20.3) 56(84) bytes of data. 

From 192.168.20.1 icmp_seq=l Destination Host Unreachable 
From 192.168.20.1 icmp_seq=2 Destination Host Unreachable 
From 192.168.20.1 icmp_seq=3 Destination Host Unreachable 
From 192.168.20.1 icmp_seq=3 Destination Host Unreachable 

ping 192.168.20.5 

PING 192.168.20.5 (192.168.20.5) 56(84) bytes of data. 

From 192.168.20.1 icmp_seq=l Destination Host Unreachable 
From 192.168.20.1 icmp_seq=2 Destination Host Unreachable 
From 192.168.20.1 icmp_seq=3 Destination Host Unreachable 
From 192.168.20.1 icmp_seq=3 Destination Host Unreachable 

From 192.168.20.6 computer (i.e. PC6) 

ping 192.168.20.2 

PING 192.168.20.2 (192.168.20.2) 56(84) bytes of data. 

From 192.168.20.6 icmp_seq=l Destination Host Unreachable 
From 192.168.20.6 icmp_seq=2 Destination Host Unreachable 
From 192.168.20.6 icmp_seq=3 Destination Host Unreachable 
From 192.168.20.6 icmp_seq=3 Destination Host Unreachable 


ping 192.168.20.5 

PING 192.168.20.5 (192.168.20.5) 56(84) bytes of data. 

64 bytes from 192.168.20.5: icmp_seq=l ttl=62 time=24.0 ms 
64 bytes from 192.168.20.5: icmp_seq=2 ttl=62 time=24.0 ms 
64 bytes from 192.168.20.5: icmp_seq=3 ttl=62 time=24.1 ms 
64 bytes from 192.168.20.5: icmp_seq=4 ttl=62 time=24.0 ms 
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Configure Trunking 


SW1 - Configuration 
SW1 # configure terminal 

Enter configuration commands, one per line. End with CNTL/Z. 

SW1 (config)# interface fastethernet 0/24 

SW1 (config-if)# switchport mode trunk 

SW1 (config-if)# switchport trunk allowed vlan all 

SW1 (config-if)# A Z 

SW1# 

SW2 - Configuration 
SW2 # configure terminal 

Enter configuration commands, one per line. End with CNTL/Z. 
SW2 (config)# interface fastethernet 0/24 
SW2 (config-if)# switchport mode trunk 
SW2 (config-if)# switchport trunk allowed vlan all 

SW2 (config-if)# A Z 
SW2 # 
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Verify trunk configuration 


SW1 - Verification: 


SW1 # show interface trunk 



Port 

Mode Encapsulation 

Status 

Native vlan 

FaO/24 

on 802. lq 

trunking 

1 

Port 

Vlans allowed on trunk 



FaO/24 

1-4094 



Port 

Vlans allowed and active in management domain 

FaO/24 

1,10,20 



Port 

FaO/24 

SW1# 

Vlans in spanning tree forwarding state and not pruned 

none 

SW2- Verification: 



SW2 # show interface trunk 



Port 

Mode Encapsulation 

Status 

Native vlan 

FaO/24 

on 802. lq 

trunking 

1 

Port 

Vlans allowed on trunk 



FaO/24 

1-4094 



Port 

Vlans allowed and active in management domain 

FaO/24 

1,10,20 




Port Vlans in spanning tree forwarding state and not pruned 

FaO/24 none 

SW2# 
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Verify communication between the computers connected to different switch. 


From 192.168.20.1 computer fi.e. PCI) 

ping 192.168.20.12 

PING 192.168.20.12 (192.168.20.12) 56(84) bytes of data. 

64 bytes from 192.168.20.12: icmp_seq=l ttl=62 time=24.0 ms 
64 bytes from 192.168.20.12: icmp_seq=2 ttl=62 time=24.0 ms 
64 bytes from 192.168.20.12: icmp_seq=3 ttl=62 time=24.1 ms 
64 bytes from 192.168.20.12: icmp_seq=4 ttl=62 time=24.0 ms 

ping 192.168.20.13 

PING 192.168.20.13 (192.168.20.13) 56(84) bytes of data. 

From 192.168.20.1 icmp_seq=l Destination Host Unreachable 
From 192.168.20.1 icmp_seq=2 Destination Host Unreachable 
From 192.168.20.1 icmp_seq=3 Destination Host Unreachable 
From 192.168.20.1 icmp_seq=3 Destination Host Unreachable 

ping 192.168.20.15 

PING 192.168.20.15 (192.168.20.15) 56(84) bytes of data. 

From 192.168.20.1 icmp_seq=l Destination Host Unreachable 
From 192.168.20.1 icmp_seq=2 Destination Host Unreachable 
From 192.168.20.1 icmp_seq=3 Destination Host Unreachable 
From 192.168.20.1 icmp_seq=3 Destination Host Unreachable 
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LAB 14: VLAN TRUNKING PROTOCOL (VTP) 


OBJECTIVE: 

To implement VTP on switches across the network. 


TOPOLOGY: 

Setup Switch connectivity for the lab as below : 


VTP Server VTP Client / Transparent 



Pre-requisite: VLAN and Trunking configuration to be done on the Switch (LAB - 13) 


TASK: 

• Configure VTP 

• Verify the working of VTP 
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Configure VTP 


SW1 - VTP Server Configuration 


SW1 # configure terminal 

Enter configuration commands, one per line. End with CNTL/Z. 

SW1 (config) # vtp domain ZOOM 

Changing VTP domain name from null to ZOOM 

SW1 (config) # vtp password CCNA 

Setting device VLAN database password to CCNA 

SW1 (config) # A Z 

SW1# 


SW2 - VTP Client Configuration 

SW2 # configure terminal 

Enter configuration commands, one per line. End with CNTL/Z. 

SW2 (config) # vtp domain ZOOM 

Changing VTP domain name from null to ZOOM 

SW2 (config) # vtp password CCNA 

Setting device VLAN database password to CCNA 

SW2 (config) # vtp mode client 

Setting device to VTP CLIENT mode. 

SW2 (config) # A Z 
SW2# 


SW1 - Verification: 

SW1 # show vtp status 
VTP Version : 2 

Configuration Revision : 0 

Maximum VLANs supported locally : 64 

Number of existing VLANs : 5 

VTP Operating Mode : Server 

VTP Domain Name : ZOOM 

VTP Pruning Mode : Disabled 

VTP V2 Mode : Disabled 

VTP Traps Generation : Disabled 

MD5 digest : 0x4C 0x9A 0xF5 0x6A 0x05 OxBA 0x83 0xE3 

Configuration last modified by 192.168.20.50 at 3-1-93 02:26:12 

SW1# 

SW1 # show vtp password 
VTP Password: CCNA 
SW1# 
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SW2- Verification: 

SW2 # show vtp status 
VTP Version : 2 

Configuration Revision : 0 

Maximum VLANs supported locally : 64 

Number of existing VLANs : 5 

VTP Operating Mode : Client 

VTP Domain Name : ZOOM 

VTP Pruning Mode : Disabled 

VTP V2 Mode : Disabled 

VTP Traps Generation : Disabled 

MD5 digest : 0x4C 0x9A 0xF5 0x6A 0x05 OxBA 0x83 0xE3 

Configuration last modified by 192.168.20.50 at 3-1-93 02:26:12 

Local updater ID is 192.168.20.50 on interface VII (lowest numbered VLAN interface found) 
SW1# 

SW2 # show vtp password 
VTP Password: CCNA 
SW2# 


Verify the working of VTP 


Create VLANs on Server Switch i.e. SW1 and verify that these VLANs are automatically available on 
Client Switch i.e. SW2. 


SW1 - Configuration 
SW1 # configure terminal 

Enter configuration commands, one per line. End with CNTL/Z. 

SW1 (config) # vlan 10 

SW1 (config-vlan) # name SALES 

SW1 (config-vlan) #exit 

SW1 (config) # vlan 20 

SW1 (config-vlan) # name MKTG 

SW1 (config-vlan) #exit 

SW1 (config) # 


SW1- Verification : 
SW1 # show vlan brief 


VLAN Name Status Ports 


1 default active FaO/3, FaO/4, FaO/7, FaO/8, FaO/9, Fa0/10, Fa0/ll, Fa0/12, FaO/13, 
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FaO/14, FaO/15, FaO/16, FaO/17, FaO/18, FaO/19, Fa0/20, FaO/21, 
Fa0/22 ; FaO/23, FaO/24 


10 

SALES 

active 

20 

MKTG 

active 


1002 fddi-default act/unsup 

1003 trcrf-default act/unsup 

1004 fddinet-default act/unsup 

1005 trbrf-default act/unsup 

SW1# 


SW2 - Verification : 
SW2 # show vlan brief 


VLAN Name Status Ports 


1 default active FaO/3, FaO/4, FaO/7, FaO/8, FaO/9, Fa0/10, FaO/11, FaO/12, FaO/13, 

Fa 0/14, FaO/15, FaO/16, FaO/17, FaO/18, FaO/19, Fa0/20, FaO/21, 
FaO/22, Fa0/23, FaO/24 


10 

SALES 

active 

20 

MKTG 

active 


1002 fddi-default act/unsup 

1003 trcrf-default act/unsup 

1004 fddinet-default act/unsup 


1005 trbrf-default act/unsup 
SW2 # 


Try to create VLANs on Client Switch i.e. SW2 


SW2 - Verification: 


SW2 (config) # vlan 100 

VTP VLAN configuration not allowed when device is in CLIENT mode. 
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LAB 15: ROUTER ON A STICK (INTER-VLAN ROUTING) 


OBJECTIVE: 

To configure inter-vlan routing for communication between VLANs, by configuring sub interfaces on 
a router. 


TOPOLOGY: 

Setup connectivity for the lab as below : 


go/o 



SW1 - 192.168.20.50 


Sales 

VLAN 

10 


PCI PC2 ■ PC3 


■ 

2 

4 

V 







r 


Mktg 

VLAN 

20 


PC4 ■ PC5 


1 Computer 

VUn No. 

IP Address / | 

Mask 

Computer 

VI an No. 

IP Address / j 

Mask | 

PCI 

10 

192.168.2.1/24 

PC5 

20 

192.168.3.5/24 

pa 

10 

192.168.2.2/24 

PC6 

20 

192.168.3.6/24 


Pre-requisite: VLAN configuration to be done on the switch (LAB - 13) 


TASK: 

• Verify communication between the computers in Different VLAN 

• Configure Sub Interfaces and IP Routing on Router 

• Verify communication between the computers in Different VLAN 
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Verify communication between the computers in Different VLAN 


From 192.168.2.1 computer (i.e. PCI) 

ping 192.168.2.2 

PING 192.168.2.2 (192.168.2.2) 56(84) bytes of data. 

64 bytes from 192.168.2.2: icmp_seq=l ttl=62 time=24.0 ms 
64 bytes from 192.168.2.2: icmp_seq=2 ttl=62 time=24.0 ms 
64 bytes from 192.168.2.2: icmp_seq=3 ttl=62 time=24.1 ms 
64 bytes from 192.168.2.2: icmp_seq=4 ttl=62 time=24.0 ms 


ping 192.168.3.5 

PING 192.168.3.5 (192.168.3.5) 56(84) bytes of data. 

From 192.168.2.1 icmp_seq=l Destination Host Unreachable 
From 192.168.2.1 icmp_seq=2 Destination Host Unreachable 
From 192.168.2.1 icmp_seq=3 Destination Host Unreachable 
From 192.168.2.1 icmp_seq=3 Destination Host Unreachable 

From 192.168.3.6 computer (i.e. PC6) 

ping 192.168.2.2 

PING 192.168.2.2 (192.168.2.2) 56(84) bytes of data. 

From 192.168.3.6 icmp_seq=l Destination Host Unreachable 
From 192.168.3.6 icmp_seq=2 Destination Host Unreachable 
From 192.168.3.6 icmp_seq=3 Destination Host Unreachable 
From 192.168.3.6 icmp_seq=3 Destination Host Unreachable 


ping 192.168.3.5 

PING 192.168.3.5 (192.168.3.5) 56(84) bytes of data. 

64 bytes from 192.168.3.5: icmp_seq=l ttl=62 time=24.0 ms 
64 bytes from 192.168.3.5: icmp_seq=2 ttl=62 time=24.0 ms 
64 bytes from 192.168.3.5: icmp_seq=3 ttl=62 time=24.1 ms 
64 bytes from 192.168.3.5: icmp_seq=4 ttl=62 time=24.0 ms 
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Configure Sub Interfaces and IP Routing on Router 


Rl- Configuration 


R1 (config) # interface gigabitEthernet 0/0 

Rl (config-subif) # no shutdown 

Rl (config) # interface gigabitEthernet 0/0.1 

Rl (config-subif) # encapsulation dotlq 10 

Rl (config-subif) # ip address 192.168.2.254 255.255.255.0 

Rl (config-subif) # exit 

Rl (config) # interface gigabitEthernet 0/0.2 

Rl (config-subif) # encapsulation dotlq 20 

Rl (config-subif) # ip address 192.168.3.254 255.255.255.0 

Rl (config-subif) # exit 

Rl (config) # ip routing 

Rl (config) # 


Rl - Verification 
Rl # show ip route 

Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP 
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 
El - OSPF external type 1, E2 - OSPF external type 2 
i - IS-IS, su - IS-IS summary, LI - IS-IS level-1, L2 - IS-IS level-2 
ia - IS-IS inter area, * - candidate default, U - per-user static route 
o - ODR, P - periodic downloaded static route, H - NHRP, I - LISP 
+ - replicated route, % - next hop override 

Gateway of last resort is not set 

192.168.2.0/24 is variably subnetted, 2 subnets, 2 masks 
C 192.168.2.0/24 is directly connected, GigabitEthernet0/0.1 
L 192.168.2.254/32 is directly connected, GigabitEthernet0/0.1 
192.168.3.0/24 is variably subnetted, 2 subnets, 2 masks 
C 192.168.3.0/24 is directly connected, GigabitEthernet0/0.2 
L 192.168.3.254/32 is directly connected, GigabitEthernet0/0.2 
Rl# 
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Verify communication between the computers in Different VLAN 


From 192.168.2.1 computer (i.e. PCI) 

ping 192.168.2.2 

PING 192.168.2.2 (192.168.2.2) 56(84) bytes of data. 

64 bytes from 192.168.2.2: icmp_seq=l ttl=62 time=24.0 ms 
64 bytes from 192.168.2.2: icmp_seq=2 ttl=62 time=24.0 ms 
64 bytes from 192.168.2.2: icmp_seq=3 ttl=62 time=24.1 ms 
64 bytes from 192.168.2.2: icmp_seq=4 ttl=62 time=24.0 ms 


ping 192.168.3.5 

PING 192.168.3.5 (192.168.3.5) 56(84) bytes of data. 

64 bytes from 192.168.3.5: icmp_seq=l ttl=62 time=24.0 ms 
64 bytes from 192.168.3.5: icmp_seq=2 ttl=62 time=24.0 ms 
64 bytes from 192.168.3.5: icmp_seq=3 ttl=62 time=24.1 ms 
64 bytes from 192.168.3.5: icmp_seq=4 ttl=62 time=24.0 ms 

From 192.168.3.6 computer (i.e. PC6) 

ping 192.168.2.2 

PING 192.168.2.2 (192.168.2.2) 56(84) bytes of data. 

64 bytes from 192.168.2.2: icmp_seq=l ttl=62 time=24.0 ms 
64 bytes from 192.168.2.2: icmp_seq=2 ttl=62 time=24.0 ms 
64 bytes from 192.168.2.2: icmp_seq=3 ttl=62 time=24.1 ms 
64 bytes from 192.168.2.2: icmp_seq=4 ttl=62 time=24.0 ms 


ping 192.168.3.5 

PING 192.168.3.5 (192.168.3.5) 56(84) bytes of data. 

64 bytes from 192.168.3.5: icmp_seq=l ttl=62 time=24.0 ms 
64 bytes from 192.168.3.5: icmp_seq=2 ttl=62 time=24.0 ms 
64 bytes from 192.168.3.5: icmp_seq=3 ttl=62 time=24.1 ms 
64 bytes from 192.168.3.5: icmp_seq=4 ttl=62 time=24.0 ms 
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LAB 16: SPANNING TREE PROTOCOL (STP) 


OBJECTIVE: 

To understand the default behaviour of STP and how a root bridge election takes place. 


TOPOLOGY: 

Setup Switch connectivity for the lab as below : 

/ V w \ 


SW1 - 192.168.20.50 SW2 - 192.168.20.51 



TASK: 

• Verify STP behaviour 

• Change Priority to force a particular switch to become the Root Bridge 

• Verify STP 
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Verify STP default behaviour 


SW1 - Verification: 

SW1 # show spanning-tree 
VLAN0001 

Spanning tree enabled protocol ieee 
Root ID Priority 32769 

Address 000c.8577.2040 

Cost 19 

Port 23 (FastEthernetO/23) 

Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec 

Bridge ID Priority 32769 (priority 32768 sys-id-ext 1) 

Address 000d.28f0.6840 

Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec 

Aging Time 15 


Interface 

Role 

Sts 

Cost 

Prio.Nbr 

Type 

FaO/7 

Desg 

FWD 

19 

128.7 

P2p 

FaO/11 

Desg 

LIS 

19 

128.11 

P2p 

FaO/13 

Desg 

FWD 

19 

128.13 

P2p 

FaO/19 

Desg 

FWD 

19 

128.19 

P2p 

FaO/23 

Root 

FWD 

19 

128.23 

P2p 

FaO/24 

Altn 

BLK 

19 

128.24 

P2p 


SW1# 

SW2 - Verification: 

SW2 # show spanning-tree 
VLAN0001 

Spanning tree enabled protocol ieee 
Root ID Priority 32769 

Address 000c.8577.2040 

This bridge is the root 

Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec 

Bridge ID Priority 32769 (priority 32768 sys-id-ext 1) 

Address 000c.8577.2040 

Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec 

Aging Time 15 


Interface 

Role 

Sts 

Cost 

Prio.Nbr 

Type 

FaO/7 

Desg 

FWD 

19 

128.7 

P2p 

FaO/13 

Desg 

FWD 

19 

128.13 

P2p 

FaO/19 

Desg 

FWD 

19 

128.19 

P2p 

FaO/23 

Desg 

FWD 

19 

128.23 

P2p 

FaO/24 

Desg 

FWD 

19 

128.24 

P2p 


SW2 # 
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Change Priority to force a particular switch to become the Root Bridge 

By changing the priority on the switch, we can force a switch to become the Root Bridge. The switch 
with the lowest priority becomes the Root Bridge with all ports in forwarding state. 


SW1 - Configuration 

SW1 (config) # spanning-tree vlan 1 priority 4096 

SW1 (config) # A Z 
SW1# 


Verify STP 

SW1- Verification: 

SW1 # show spanning-tree 

VLAN0001 

Spanning tree enabled protocol ieee 
Root ID Priority 4097 

Address 000d.28f0.6840 

This bridge is the root 

Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec 

Bridge ID Priority 4096 (priority 4096 sys-id-ext 1) 

Address 000d.28f0.6840 

Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec 

Aging Time 15 


Interface 

Role 

Sts 

Cost 

Prio.Nbr 

Type 

FaO/7 

Desg 

FWD 

19 

128.7 

P2p 

Fa0/ll 

Desg 

LIS 

19 

128.11 

P2p 

FaO/13 

Desg 

FWD 

19 

128.13 

P2p 

FaO/19 

Desg 

FWD 

19 

128.19 

P2p 

FaO/23 

Desg 

FWD 

19 

128.23 

P2p 

FaO/24 

Desg 

FWD 

19 

128.24 

P2p 


SW1# 

SW2 - Verification: 

SW2 # show spanning-tree 

VLAN0001 

Spanning tree enabled protocol ieee 
Root ID Priority 4097 

Address 000d.28f0.6840 

Cost 19 

Port 23 (FastEthernetO/23) 

Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec 
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Bridge ID Priority 32769 (priority 32768 sys-id-ext 1) 

Address 000c.8577.2040 

Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec 

Aging Time 15 


Interface 

Role 

Sts 

Cost 

Prio.Nbr 

Type 

Fa 0/7 

Desg 

FWD 

19 

128.7 

P2p 

FaO/13 

Desg 

FWD 

19 

128.13 

P2p 

FaO/19 

Desg 

FWD 

19 

128.19 

P2p 

FaO/23 

Root 

FWD 

19 

128.23 

P2p 

FaO/24 

Altn 

BLK 

19 

128.24 

P2p 


SW2 # 
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LAB 17: ETHERCHANNEL 


OBJECTIVE: 

To configure Etherchannel for link aggregation 


TOPOLOGY: 

Setup Switch connectivity for the lab as below : 


Port Channel 1 



TASK: 

• Configure Etherchannel 

• Verify Etherchannel 
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Configure Etherchannel 
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SW1 - Etherchannel Configuration 


SW1 # configure terminal 

Enter configuration commands, one per line. End with CNTL/Z. 

SW1 (config) # interface range fa 0/23 -24 

SW1 (config-if-range) # channel-group 1 mode on 

Creating a port-channel interface Port-channel 1 

SW1 (config-if-range) # A Z 

SW1# 


SW2 - Etherchannel Configuration 

SW2 # configure terminal 

Enter configuration commands, one per line. End with CNTL/Z. 

SW2 (config) # interface range fa 0/23 -24 

SW2 (config-if-range) # channel-group 1 mode on 

Creating a port-channel interface Port-channel 1 

SW2 (config-if-range) # A Z 

SW2 # 


Verify Etherchannel 

SW1- Verification: 

SW1 # show etherchannel 1 summary 

Flags: D-down P - bundled in port-channel 

I - stand-alone s- suspended 
H - Hot-standby (LACP only) 

R - Layer3 S - Layer2 

U - in use f - failed to allocate aggregator 

M - not in use, minimum links not met 
u - unsuitable for bundling 
w - waiting to be aggregated 
d - default port 


Number of channel-groups in use: 1 
Number of aggregators: 1 


Group Port-channel Protocol 

Ports 

1 Pol(SU) 

FaO/23(P) FaO/24(P) 

SW1# 
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SW2 - Verification: 

SW2 # show etherchannel 1 summary 

Flags: D-down P - bundled in port-channel 

I - stand-alone s- suspended 
H - Hot-standby (LACP only) 

R - Layer3 S - Layer2 

U - in use f - failed to allocate aggregator 

M - not in use, minimum links not met 
u - unsuitable for bundling 
w - waiting to be aggregated 
d - default port 


Number of channel-groups in use: 1 
Number of aggregators: 1 


Group Port-channel Protocol 

- 1 - 4 - + 

Ports 

1 Pol(SU) 

FaO/23(P) FaO/24(P) 

SW2 # 
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LAB 18: PORT SECURITY 


OBJECTIVE: 

To implement Port Security on switches across the network. 


TOPOLOGY: 

Setup Switch connectivity for the lab as below : 


TASK: 





4? sC 

* 




& 


^ 




• Configure Port Security 

• Verify Port Security violation 
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Configure Port Security 

SW1 (config)# interface fastethernet 0/2 

SW1 (config-if)# switchport mode access 

SW1 (config-if)# switchport port-security maximum 1 

SW1 (config-if)# switchport port-security mac-address 0013.20B7.1232 

SW1 (config-if)# switchport port-security violation shutdown 

SW1 (config-if)# switchport port-security 

SW1 (config-if)# A Z 

SW1# 

Verify Port Security Violation 

Connect another computer (with different mac-address) to switch port no. 2 and verify the output. 

SW1- Verification : 

SW1 # show interface status 

Port Name Status Vlan Duplex Speed Type 

Fa0/1 connected 1 a-full a-100 10/100BaseTX 

FaO/2 err-disabled 1 auto auto 10/100BaseTX 

FaO/3 connected 1 a-full a-100 10/100BaseTX 

! 

<output omitted> 

! 

FaO/24 connected 1 a-full a-100 10/100BaseTX 

SW1# 

SW1 # show port-security 

Secure Port MaxSecureAddr CurrentAddr SecurityViolation Security Action 

(Count) (Count) (Count) 


FaO/2 1 11 Shutdown 


Total Addresses in System (excluding one mac per port) : 0 
Max Addresses limit in System (excluding one mac per port) : 1024 
SW1# 

Repeat the above steps by reconfiguring violation command (restrict and protect) and verify the 
output. 

SW1 (config-if)# switchport port-security violation restrict 

OR 

SW1 (config-if)# switchport port-security violation protect 
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LAB 19: DEFAULT ROUTING 


OBJECTIVE: 

To configure default routing for accessing Internet. 


TOPOLOGY: 


Setup Ethernet and Serial connectivity for the lab as below : 





Interface 

IP Address / Mask 

EO/O 

192.168.2.1/24 

SO/O 202.1.0.18/29 


TASK: 

• Configure WAN Interface 

• Configure Default Routing 

• Verify Default Routing 

• Verify communication from l_AN to the Internet 
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Configure WAN Interface 

Configure WAN Interface IP address according to topology diagram (i.e. IP addresses provided by 
ISP) 


Rl- Configuration 
R1 # configure terminal 

Enter configuration commands, one per line. End with CNTL/Z. 

Rl (config)# interface serial 0/0 

Rl (config-if)# ip address 202.1.0.18 255.255.255.248 

Rl (config-if)# no shutdown 

Rl (config-if)# encapsulation ppp 

Rl (config-if)# exit 

Rl (config)# 

Configure Default Routing 

Rl- Configuration 
Rl # configure terminal 

Enter configuration commands, one per line. End with CNTL/Z. 

Rl (config) # ip route 0.0.0.0 0.0.0.0 Serial0/0 
Rl (config) # exit 
Rl (config) # 

Verify Default Routing 

Once Default routing is enabled IP Network defined through the default routing command is added 
into the routing information table. represents Default route. 

Rl - Verification : 

Rl # show ip route 

Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP 
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 
El - OSPF external type 1, E2 - OSPF external type 2, E - EGP 
i - IS-IS, LI - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area 
* - candidate default, U - per-user static route, o - ODR 
P - periodic downloaded static route 

Gateway of last resort is not set 

C 202.1.0.16/29 is directly connected, Serial0/0 
C 192.168.2.0/24 is directly connected, Ethernet0/0 
S* 0.0.0.0/0 [1/0] via Serial0/0 
Rl# 
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Verify communication from LAN to the Internet. 

Verification from PCI 


ping 202.2.0.17 

PING 202.2.0.17 (202.2.0.17) 56(84) bytes of data. 

64 bytes from 202.2.0.17: icmp_seq=l ttl=62 time=24.0 ms 
64 bytes from 202.2.0.17: icmp_seq=2 ttl=62 time=24.0 ms 
64 bytes from 202.2.0.17: icmp_seq=3 ttl=62 time=24.1 ms 
64 bytes from 202.2.0.17: icmp_seq=4 ttl=62 time=24.0 ms 
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LAB 20: STATIC NAT 


OBJECTIVE: 

To configure Static NAT for Hosting Pubic Servers on the Internet. 


TOPOLOGY: 

Setup Ethernet and Serial connectivity for the lab as below : 



Interface 

IP Address / Mask 

EO/O 

SO/O 

192.168.2.1/24 

202.1.0.18/29 


Pre-requisite: Default Routing configuration to be done on the router (LAB - 19) 


TASK: 

• Configure Static NAT 


Verify Static NAT 
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Configure Static NAT 

R1 (config) # interface serial 0/0 
R1 (config-if) # ip nat outside 
R1 (config-if) # exit 
R1 (config) # interface ethernet 0/0 
R1 (config-if) # ip nat inside 
R1 (config-if) # exit 

R1 (config)# ip nat inside source static 192.168.2.10 202.1.0.19 


Verify Static NAT 


Rl- Verification 

R1 # show ip nat translation 

Pro Inside global Inside local Outside local Outside global 

202.1.0.19 192.168.2.10 

Rl# 

Verification from Outside PC (Internet PC) 

ping 202.1.0.19 

PING 202.1.0.19 (202.1.0.19) 56(84) bytes of data. 

64 bytes from 202.1.0.19: icmp_seq=l ttl=62 time=24.0 ms 
64 bytes from 202.1.0.19: icmp_seq=2 ttl=62 time=24.0 ms 
64 bytes from 202.1.0.19: icmp_seq=3 ttl=62 time=24.1 ms 
64 bytes from 202.1.0.19: icmp_seq=4 ttl=62 time=24.0 ms 
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LAB 21: DYNAMIC NAT 


OBJECTIVE: 

To configure Dynamic NAT for the LAN users to access the Internet using a pool of Public IP 
Addresses. 


TOPOLOGY: 


Setup Ethernet and Serial connectivity for the lab as below : 



amm 


Interface 

IP Address / Mask 

EO/O 

SO/O 

192.168.2.1/24 

202.1.0.18/29 


Pre-requisite: Default Routing configuration to be done on the router (LAB - 19) 


TASK: 

• Configure Dynamic NAT 


• Verify Dynamic NAT 
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TECH NOLOGIE! 


Configure Dynamic NAT 

R1 (config) # interface serial 0/0 
R1 (config-if) # ip nat outside 
R1 (config-if) # exit 
R1 (config) # interface ethernet 0/0 
R1 (config-if) # ip nat inside 
R1 (config-if) # exit 

R1 (config) # access-list 10 permit 192.168.2.0 0.0.0.255 

R1 (config) # ip nat pool ZOOM 202.1.0.20 202.1.0.22 netmask 255.255.255.248 
R1 (config) # ip nat inside source list 10 pool ZOOM 

Verify Dynamic NAT 


R1 - Verification 

R1 # show ip nat translation 


Pro 

Inside global 

Inside local 

Outside local 

Outside global 

icmp 

202.1.0.20:1048 

192.168.2.20:1048 

202.2.0.17:1048 

202.2.0.17:1048 

icmp 

202.1.0.21:1816 

192.168.2.30:1816 

202.2.0.17:1816 

202.2.0.17:1816 


Rl# 


Verification from PCI 

ping 202.2.0.17 

PING 202.2.0.17 (202.2.0.17) 56(84) bytes of data. 

64 bytes from 202.2.0.17: icmp_seq=l ttl=62 time=24.0 ms 
64 bytes from 202.2.0.17: icmp_seq=2 ttl=62 time=24.0 ms 
64 bytes from 202.2.0.17: icmp_seq=3 ttl=62 time=24.1 ms 
64 bytes from 202.2.0.17: icmp_seq=4 ttl=62 time=24.0 ms 
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.TECHNOLOGIES. 


LAB 22: PORT ADDRESS TRANSLATION (PAT) 


OBJECTIVE: 

To configure PAT for LAN computers to access the Internet using a single Public IP Address. 


TOPOLOGY: 


Setup Ethernet and Serial connectivity for the lab as below : 





Interface 

IP Address / Mask 

EO/O 

192.168.2.1/24 

SO/O 202.1.0.18/29 


Pre-requisite: Default Routing configuration to be done on the router (LAB - 19) 


TASK: 

• Configure PAT 

• Verify PAT 
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Configure PAT 

R1 (config) # interface serial 0/0 
R1 (config-if) # ip nat outside 
R1 (config-if) # exit 
R1 (config) # interface ethernet 0/0 
R1 (config-if) # ip nat inside 
R1 (config-if) # exit 

R1 (config) # access-list 10 permit 192.168.2.0 0.0.0.255 
R1 (config) # ip nat inside source list 10 interface serial 0/0 overload 


Verify PAT 


Rl- Verification 

R1 # show ip nat translation 


Pro 

Inside global 

Inside local 

Outside local 

Outside global 

icmp 

tcp 

202.1.0. 18:34071 

202.1.0. 18:49237 

192.168.2.10:34071 

192.168.2.10:49237 

202.2.0. 17:34071 

202.2.0. 17:80 

202.2.0. 17:34071 

202.2.0. 17:80 


Rl# 

Verification from PCI 

ping 202.2.0.17 

PING 202.2.0.17 (202.2.0.17) 56(84) bytes of data. 

64 bytes from 202.2.0.17: icmp_seq=l ttl=62 time=24.0 ms 
64 bytes from 202.2.0.17: icmp_seq=2 ttl=62 time=24.0 ms 
64 bytes from 202.2.0.17: icmp_seq=3 ttl=62 time=24.1 ms 
64 bytes from 202.2.0.17: icmp_seq=4 ttl=62 time=24.0 ms 
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LAB 23: GENERIC ROUTING ENCAPSULATION (GRE) 


OBJECTIVE: 

To set up a GRE VPN to enable communication between different networks . 


TOPOLOGY: 


Setup Ethernet and Serial connectivity for the lab as below 

INTERNET 


VPN Tunnel 




Interface 

IP Address / Mask j 

EO/O 

192.168.2.1/24 

SO/O 

202.1.0.18/29 



Interface 

IP Address / Mask 

FO/O 

SO/1 

192.168.3.1/24 

202.2.0.18/29 


TASK: 

• Configure Serial Interface 

• Configure Default Routing 

• Configure GRE Tunnel Interface 

• Verify GRE Tunnel Configuration 

• Configure Routing 

• Verify Routing 

• Verify communication between the networks 
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Configure Serial Interface 



ZOOM 


TECH N OLOG IE! 


R1 - Configuration 

R1 (config) # interface serial 0/0 

R1 (config-if) # ip address 202.1.0.18 255.255.255.248 

R1 (config-if) # no shutdown 

R1 (config-if) # encapsulation ppp 

R1 (config-if) # exit 

R1 (config) # 


R3- Configuration 

R3 (config) # interface serial 0/1 

R3 (config-if) # ip address 202.2.0.18 255.255.255.248 

R3 (config-if) # no shutdown 

R3 (config-if) # encapsulation ppp 

R3 (config-if) # exit 

R3 (config) # 

Configure Default Routing 

Rl- Configuration 
R1 # configure terminal 

Enter configuration commands, one per line. End with CNTL/Z. 
Rl (config) # ip route 0.0.0.0 0.0.0.0 Serial0/0 
Rl (config) # exit 
Rl# 

R3- Configuration 
R3 # configure terminal 

Enter configuration commands, one per line. End with CNTL/Z. 
R3 (config) # ip route 0.0.0.0 0.0.0.0 Serial0/1 
R3 (config) # exit 
R3 # 

Configure GRE Tunnel Interface 

Rl - Configuration 

Rl (config) # int tunnel 0 
Rl (config-if)# ip add l.l.l.l 255.255.255.0 
Rl (config-if)# tunnel source serial 0/0 
Rl (config-if)# tunnel destination 202.2.0.18 

Rl (config-if)# A Z 
Rl# 
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R3- Configuration 

R3 (config) # int tunnel 0 
R3 (config-if)# ip add 1.1.1.2 255.255.255.0 
R3 (config-if)# tunnel source serial 0/1 
R3 (config-if)# tunnel destination 202.1.0.18 

R3 (config-if)# A Z 
R3 # 

Verify GRE Tunnel Configuration 

R1 - Verification 

R1 # sh int tunnel 0 
TunnelO is up, line protocol is down 
Hardware is Tunnel 
Internet address is 1.1.1.1/24 
MTU 1514 bytes, BW 9 Kbit, DLY 500000 usee, 
reliability 255/255, txload 1/255, rxload 1/255 
Encapsulation TUNNEL, loopback not set 
Keepalive set (10 sec) 

Tunnel source 202.1.0.18 (Serial0/0), destination 202.2.0.18 L. J 
Tunnel protocol/transport GRE/IP, key disabled, sequencing disabled 
Checksumming of packets disabled, fast tunneling enabled 
! 

<output omitted> 

! 

Rl# 

R3 - Verification 

R3 # sh int tunnel 0 
TunnelO is up, line protocol is down 
Hardware is Tunnel 
Internet address is 1.1.1.2/24 
MTU 1514 bytes, BW 9 Kbit, DLY 500000 usee, 
reliability 255/255, txload 1/255, rxload 1/255 
Encapsulation TUNNEL, loopback not set 
Keepalive set (10 sec) 

Tunnel source 202.2.0.18 (Serial0/1), destination 202.1.0.18 
Tunnel protocol/transport GRE/IP, key disabled, sequencing disabled 
Checksumming of packets disabled, fast tunneling enabled 
! 

<output omitted> 

! 

R3 # 
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Configure Routing 



ZOOM 


TECH N OLOG IE! 


Rl- Configuration 
R1 # configure terminal 

Enter configuration commands, one per line. End with CNTL/Z. 
Rl (config) # ip route 192.168.3.0 255.255.255.0 tunnel 0 
Rl (config) # 


R3- Configuration 
R3 # configure terminal 

Enter configuration commands, one per line. End with CNTL/Z. 
R3 (config) # ip routing 

Rl (config) # ip route 192.168.2.0 255.255.255.0 tunnel 0 

R3 (config) # 

Verify Routing 


Rl - Verification : 

Rl # show ip route 

Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP 
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 
El - OSPF external type 1, E2 - OSPF external type 2, E - EGP 
i - IS-IS, LI - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area 
* - candidate default, U - per-user static route, o - ODR 
P - periodic downloaded static route 

Gateway of last resort is not set 

C 172.16.0.0/16 is directly connected, Serial0/0 

C 192.168.2.0/24 is directly connected, Ethernet0/0 

S 192.168.3.0/24 [1/0] directly connected, TunnelO 

S* 0.0.0.0/0 [1/0] via Serial0/0 

Rl# 
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R3- Verification: 


R3 # show ip route 

Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP 
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 
El - OSPF external type 1, E2 - OSPF external type 2, E - EGP 
i - IS-IS, LI - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area 
* - candidate default, U - per-user static route, o - ODR 
P - periodic downloaded static route 


Gateway of last resort is not set 

C 172.16.0.0/16 is directly connected, Serial0/1 
C 192.168.3.0/24 is directly connected, FastEthernetO/O 
S 192.168.2.0/24 [1/0] directly connected, TunnelO 
S* 0.0.0.0/0 [1/0] via SerialO/1 

R3 # 


Verify communication between the networks 


Verification from a Computer in R1 Network bv pinging a computer in the R3 network 


ping 192.168.3.10 


PING 192.168.3.10 (192.168.3.10) 56(84) bytes of data. 

64 bytes from 192.168.3.10: icmp_seq=25 ttl=62 time=24.1 ms 
64 bytes from 192.168.3.10: icmp_seq=26 ttl=62 time=24.1 ms 
64 bytes from 192.168.3.10: icmp_seq=27 ttl=62 time=24.3 ms 
64 bytes from 192.168.3.10: icmp_seq=28 ttl=62 time=24.2 ms 
64 bytes from 192.168.3.10: icmp_seq=29 ttl=62 time=24.2 ms 


Verification from a Computer in R3 Network bv pinging a computer in the R1 network 


ping 192.168.2.10 

PING 192.168.2.10(192.168. 
64 bytes from 192.168.2.10: 
64 bytes from 192.168.2.10: 
64 bytes from 192.168.2.10: 
64 bytes from 192.168.2.10: 
64 bytes from 192.168.2.10: 


2.10) 56(84) bytes of data. 
icmp_seq=25 ttl=62 time=24.1 
icmp_seq=26 ttl=62 time=24.1 
icmp_seq=27 ttl=62 time=24.3 
icmp_seq=28 ttl=62 time=24.2 
icmp_seq=29 ttl=62 time=24.2 


ms 

ms 

ms 

ms 

ms 
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.TECHNOLOGIES. 


LAB 24: Hot Standby Router Protocol (HSRP) 


OBJECTIVE: 

To set up an always available gateway by configuring HSRP 

To set up a virtual default gateway with IP 192.168.2.100 for setting up HSRP 


TOPOLOGY: 

Setup Serial and Ethernet connectivity for the lab as below: 


so/o/o 



EO/O 


Switch 


F0/0 


Interface 

IP Address / Mask 

EO/O 

SO/O 

192.168.2.1/24 

172.16.0.1/16 


11 L 










j Interface 

IP Address / Mask 1 

EO/O 

192.168.2.2/24 

SO/1 

172.17.0.2/16 


• Configure HSRP 

• Verify HSRP Configuration 
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Configure HSRP 



ZOOM 


TECH N OLOG IE! 


Rl- Configuration 


R1 (config) # int Ethernet 0/0 
Rl (config-if) # standby 1 ip 192.168.2.100 
Rl (config-if) # standby 1 preempt 
Rl(config-if) # A Z 
Rl# 

R3 - Configuration 

R3 (config) # int FastEthernet 0/0 
R3 (config-if) # standby 1 ip 192.168.2.100 
R3 (config-if) # standby 1 preempt 
R3 (config-if) # A Z 
R3 # 

Verify HSRP Configuration 

Rl - Verification 

Rl # show standby 

Ethernet0/0 - Group 1 

Local state is Standby, priority 100, may preempt 
Hellotime 3 holdtime 10 
Next hello sent in 00:00:01.123 
Hot standby IP address is 192.168.2.100 configured 
Active router is 192.168.2.2 expires in 00:00:07, priority 100 
Standby router is local 
1 state changes, last state change 00:00:01 
Rl# 

R3 - Verification 

R3 # show standby 

FastEthernet0/0 - Group 1 
State is Active 

2 state changes, last state change 00:00:11 
Virtual IP address is 192.168.2.100 
Active virtual MAC address is 0000.0c07.ac01 
Local virtual MAC address is 0000.0c07.ac01 (vl default) 

Hello time 3 sec, hold time 10 sec 
Next hello sent in 0.324 secs 
Preemption enabled 
Active router is local 

Standby router is 192.168.2.1, priority 100 (expires in 8.017 sec) 
Priority 100 (default 100) 

IP redundancy name is M hsrp-Fa0/0-l" (default) 

R3# 
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TECH NOLOGIE! 


Verify communication and data path to destination network 


From 192.168.3.1 computer (i.e. PCI) 


ping 192.168.3.1 

Pinging 192.168.3.1 with 32 bytes of data: 

Reply from 192.168.3.1: bytes=32 time=19ms TTL=254 
Reply from 192.168.3.1: bytes=32 time=18ms TTL=254 
Reply from 192.168.3.1: bytes=32 time=18ms TTL=254 
Reply from 192.168.3.1: bytes=32 time=18ms TTL=254 

tracert 192.168.3.1 

Tracing route to 192.168.3.1 over a maximum of 30 hops 


1 

1 ms 

1 ms 

1 ms 192.168.2.2 

2 

26 ms 

26 ms 

26 ms 192.168.3.1 


Trace complete. 


Understand HSRP behaviour 

Currently data is flowing via R3 router, if R3 router goes down data will start flowing through. R1 
router. 

You can verify the behaviour by shutting down R3 Router Ethernet Interface (LAN Interface) and 
again verify communication and data path to destination network from the LAN. 
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TECHNOLOGIES^ 


LAB 25: FRAME RELAY 


OBJECTIVE: 

To set up a frame relay PVC to enable communication between different networks. 


TOPOLOGY: 

Setup Ethernet and Serial connectivity for the lab as below: 



Switch 


Interface 


E0/0 

S0/0 


IP Address / Mask 


192.168.2.1/24 

172.16.0.1/16 


FRAME RELAY 
Service Provider 



so/i 



Switch 


r 


i L 





Interface 

IP Address / Mask 

FO/O 

SO/1 

192.168.3.1/24 

172.16.0.2/16 


TASK: 


Configure Frame relay 

Verify Frame relay configuration 

Troubleshoot Frame relay configuration 

Configure Routing 

Verify Routing 

Verify communication between the networks 
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TECH NOLOGIE! 


Configure Frame relay 

R1 - Configuration 

Rl(config)#interface serial 0/0 
Rl(config-if)#ip address 172.16.0.1 255.255.0.0 
Rl(config-if)#no shutdown 
Rl(config-if)#encapsulation frame-relay 
Rl(config-if)#frame-relay Imi-type cisco 
Rl(config-if)#frame-relay interface-dlci 100 
Rl(config-fr-dlci)#exit 
Rl(config-if)# A Z 
Rl# 


R3- Configuration 

R3 (config) # interface serial 0/1 

R3 (config-if) # ip address 172.16.0.2 255.255.0.0 

R3 (config-if) # no shutdown 

R3 (config-if) # encapsulation frame-relay 

R3 (config-if) # frame-relay Imi-type cisco 

R3 (config-if) # frame-relay interface-dlci 200 

R3 (config-fr-dlci) # exit 

R3 (config-if) # A Z 

R3 # 


Verify Frame relay configuration 


Rl - Verification 
Rl#show frame-relay pvc 

PVC Statistics for interface Serial0/0 (Frame Relay DTE) 



Active 

Inactive 

Deleted 

Static 

Local 

1 

0 

0 

0 

Switched 

0 

0 

0 

0 

Unused 

0 

0 

0 

0 


DLCI = 100, DLCI USAGE = LOCAL, PVC STATUS = ACTIVE, INTERFACE = Serial0/0 


input pkts 1 

output pkts 1 

in bytes 34 

out bytes 34 

dropped pkts 0 

in FECN pkts 0 

in BECN pkts 0 

out FECN pkts 0 

out BECN pkts 0 

in DE pkts 0 

out DE pkts 0 


out beast pkts 1 

out beast bytes 34 



pvc create time 00:06:49, last time pvc status changed 00:01:21 
Rl# 
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Rl#show frame-relay map 

SerialO/O (up): ip 172.16.0.2 dlci 100(0x64,0x1840), dynamic, 
broadcast,, status defined, active 

Rl# 


R3 - Verification 
R3#show frame-relay pvc 

PVC Statistics for interface SerialO/1 (Frame Relay DTE) 



Active 

Inactive 

Deleted 

Static 

Local 

1 

0 

0 

0 

Switched 

0 

0 

0 

0 

Unused 

0 

0 

0 

0 


DLCI = 200, DLCI USAGE = LOCAL, PVC STATUS = ACTIVE, INTERFACE = Serial0/1 

input pkts 1 output pkts 1 in bytes 34 

out bytes 34 dropped pkts 0 in pkts dropped 0 

out pkts dropped 0 out bytes dropped 0 

in FECN pkts 0 in BECN pkts 0 out FECN pkts 0 

out BECN pkts 0 in DE pkts 0 out DE pkts 0 

out beast pkts 1 out beast bytes 34 

pvc create time 00:03:14, last time pvc status changed 00:03:14 
R3# 

R3#show frame-relay map 

Serial0/1 (up): ip 172.16.0.1 dlci 200(0xC8, 0x3080), dynamic, 
broadcast,, status defined, active 

R3 # 

Troubleshooting Frame relay Configuration 

There are can be 3 different states of the PVC : 

1. PVC STATUS = ACTIVE 
(Connectivity and configuration is fine) 

2. PVC STATUS = I N ACTIVE , 

(Connectivity and configuration problem at remote end) 

3. PVC STATUS = DELETED, 

(Connectivity or configuration problem locally) 
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Configure Routing 



ZOOM 


TECH N OLOG IE! 


Rl- Configuration 
R1 # configure terminal 

Enter configuration commands, one per line. End with CNTL/Z. 

Rl (config) # ip routing 

Rl (config) # router eigrp 10 

Rl (config-router) # network 192.168.2.0 

Rl (config-router) # network 172.16.0.0 

Rl (config-router) # end 

Rl (config) # 

R3- Configuration 
R3 # configure terminal 

Enter configuration commands, one per line. End with CNTL/Z. 

R3 (config) # ip routing 

R3 (config) # router eigrp 10 

R3 (config-router) # network 192.168.3.0 

R3 (config-router) # network 172.16.0.0 

R3 (config-router) # end 

R3 (config) # 

Verify Routing 


Rl - Verification : 

Rl # show ip route 

Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP 
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 
El - OSPF external type 1, E2 - OSPF external type 2, E - EGP 
i - IS-IS, LI - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area 
* - candidate default, U - per-user static route, o - ODR 
P - periodic downloaded static route 

Gateway of last resort is not set 

C 172.16.0.0/16 is directly connected, Serial0/0 

C 192.168.2.0/24 is directly connected, EthernetO/O 

D 192.168.3.0/24 [90/2172416] via 172.16.0.2, 00:03:08, Serial0/0 

Rl# 
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R3- Verification: 


R3 # show ip route 

Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP 
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 
El - OSPF external type 1, E2 - OSPF external type 2, E - EGP 
i - IS-IS, LI - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area 
* - candidate default, U - per-user static route, o - ODR 
P - periodic downloaded static route 


Gateway of last resort is not set 

C 172.16.0.0/16 is directly connected, Serial0/1 
D 192.168.2.0/24 [90/2195456] via 172.16.0.1, 00:03:33, Serial0/1 
C 192.168.3.0/24 is directly connected, FastEthernetO/O 
R3 # 


Verify communication between the networks 


Verification from a Computer in R1 Network bv Dinging a computer in the R3 network 

ping 192.168.3.10 


PING 192.168.3.10 (192.168.3.10) 56(84) bytes of data. 


64 bytes from 192.168.3.10 
64 bytes from 192.168.3.10 
64 bytes from 192.168.3.10 
64 bytes from 192.168.3.10 
64 bytes from 192.168.3.10 


cmp_seq=25 ttl=62 time=24.1 ms 
cmp_seq=26 ttl=62 time=24.1 ms 
cmp_seq=27 ttl=62 time=24.3 ms 
cmp_seq=28 ttl=62 time=24.2 ms 
cmp_seq=29 ttl=62 time=24.2 ms 


Verification from a Computer in R3 Network bv pinging a computer in the Rlnetwork 


ping 192.168.2.10 


PING 192.168.2.10 (192.168.2.10) 56(84) bytes of data. 


64 bytes from 192.168.2.10 
64 bytes from 192.168.2.10 
64 bytes from 192.168.2.10 
64 bytes from 192.168.2.10 
64 bytes from 192.168.2.10 


icmp_seq=25 ttl=62 time=24.1 ms 
icmp_seq=26 ttl=62 time=24.1 ms 
icmp_seq=27 ttl=62 time=24.3 ms 
icmp_seq=28 ttl=62 time=24.2 ms 
icmp_seq=29 ttl=62 time=24.2 ms 
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LAB 26: IPv6 


OBJECTIVE: 

To configure Ipv6 address on router Interfaces 

To configure Ipv6 routing (OSPF, EIGRP and Static routing) for enabling communication between 
different networks connected to different routers. 


TOPOLOGY: 

Setup the lab as below: 



GO/l 


Switch 




GO/1 




G0/0 


Switch 


J I L 








I Interface 

II’ Address / Mask 

Interface 

IP Address / Mask 

GO/O 

2001:l::l/64 

GO/O 

2001:2::l/64 

GO/1 

2001:3::l/64 

GO/1 

2001:3::2/64 


TASK: 


Configure IPV6 addresses on the router interfaces 
Verify IPv6 Routing Table 
Configure OSPF v3 routing 
Verify OSPF v3 routing 

Verify communication between the networks 

Configure EIGRP v6 routing 

Verify EIGRP v6 routing 

Configure Static Routing 

Verify Static Routing 
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Configure IPV6 addresses on the router interfaces 


Rl- Configuration 
R1 # configure terminal 

Enter configuration commands, one per line. End with CNTL/Z. 

Rl (config) # int GiO/O 

Rl (config-if) # ipv6 address 2001::l/64 

Rl (config-if) # no shutdown 

Rl (config-if) # exit 

Rl (config) # interface GiO/1 

Rl (config-if) # ipv6 address 2001:3::l/64 

Rl (config-if) # no shutdown 

Rl (config-if) # exit 


R2- Configuration 
R2 # configure terminal 

Enter configuration commands, one per line. End with CNTL/Z. 

R2 (config) # interface GiO/O 

R2 (config-if) # ipv6 address 2001:2::l/64 

R2 (config-if) # no shutdown 

R2 (config-if) # exit 

R2 (config) # interface GiO/1 

R2 (config-if) # ipv6 address 2001:3::2/64 

R2 (config-if) # no shutdown 

R2 (config-if) # exit 


Rl - Verification 

Rl # show ipv6 interface brief 

GigabitEthernetO/O [up/up] 

FE80::213:C4FF:FEDD:CF00 

2001 : 1::1 

GigabitEthernetO/1 [up/up] 

FE80::213:C4FF:FEDD:CF01 
2001:3::1 

R2 - Verification 

R2 # show ipv6 interface brief 

GigabitEthernetO/O [up/up] 

FE80::214:1CFF:FECA:3EB0 
2001:2::1 

GigabitEthernetO/1 [up/up] 

FE80::214:1CFF:FECA:3EB1 
2001:3::2 


CCNA Lab Manual 


Page | 160 


www.zoomgroup.com 


0 



ZOOM 


TECH NOLOGIE! 


Note: By default, when ipv6 routing is enabled, the directly connected networks are automatically 
added into the routing information table. "C" represents directly connected networks. 


Verify IPv6 Routing Table 


R1 - Verification : 

R1 # show ipv6 route 

IPv6 Routing Table - default - 5 entries 

Codes: C - Connected, L - Local, S - Static, U - Per-user Static route 
B - BGP, HA - Home Agent, MR - Mobile Router, R - RIP 
II - ISIS LI, 12 - ISIS L2, IA - ISIS interarea, IS - ISIS summary 
D - EIGRP, EX - EIGRP external, NM - NEMO, ND - Neighbor Discovery 
0 - OSPF Intra, 01 - OSPF Inter, 0E1 - OSPF ext 1, 0E2 - OSPF ext 2 
ONI - OSPF NSSA ext 1, 0N2 - OSPF NSSA ext 2 
C 2001:l::/64 [0/0] 

via GigabitEthernetO/O, directly connected 
L 2001:1::1/128 [0/0] 

via GigabitEthernetO/O, receive 
C 2001:3::/64 [0/0] 

via GigabitEthernetO/1, directly connected 
L 2001:3::1/128 [0/0] 

via GigabitEthernetO/1, receive 
L FF00::/8 [0/0] 
via NullO, receive 
Rl# 

R2- Verification : 

R2 # show ipv6 route 

IPv6 Routing Table - default - 5 entries 

Codes: C - Connected, L - Local, S - Static, U - Per-user Static route 
B - BGP, HA - Home Agent, MR - Mobile Router, R - RIP 
II - ISIS LI, 12 - ISIS L2, IA - ISIS interarea, IS - ISIS summary 
D - EIGRP, EX - EIGRP external, NM - NEMO, ND - Neighbor Discovery 
O - OSPF Intra, Ol - OSPF Inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2 
ONI - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2 
C 2001:2::/64 [0/0] 

via GigabitEthernetO/O, directly connected 
L 2001:2::1/128 [0/0] 

via GigabitEthernetO/O, receive 
C 2001:3::/64 [0/0] 

via GigabitEthernetO/1, directly connected 
L 2001:3::2/128 [0/0] 

via GigabitEthernetO/1, receive 
L FF00::/8 [0/0] 
via NullO, receive 
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R2 # 

Configure OSPF v3 routing 

R1 - Configuration 
R1 # configure terminal 

Enter configuration commands, one per line. End with CNTL/Z. 

R1 (config) # ipv6 unicast-routing 
R1 (config) # ipv6 router ospf 1 
R1 (config-router) # router-id 1.1. 1.1 
R1 (config-router) # exit 

R1 (config) # interface GiO/O 
R1 (config-if) # ipv6 ospf 1 area 0 
R1 (config-if) # exit 
R1 (config) # interface GiO/1 
R1 (config-if) # ipv6 ospf 1 area 0 
R1 (config-if) # exit 
R1 (config) # exit 

R2- Configuration 
R2 # configure terminal 

Enter configuration commands, one per line. End with CNTL/Z. 

R2 (config) # ipv6 unicast-routing 
R2 (config) # ipv6 router ospf 2 
R2 (config-router) # router-id 2.2.2.2 
R2 (config-router) # exit 

R2 (config) # interface GiO/O 
R2 (config-if) # ipv6 ospf 2 area 0 
R2 (config-if) # exit 
R2 (config) # interface GiO/1 
R2( config-if) # ipv6 ospf 2 area 0 
R2 (config-if) # exit 
R2 (config) # exit 

Verify OSPF v3 routing 

Once OSPF routing is enabled, IP Networks learnt via OSPF are added into the routing table. "O" 
represents OSPF route. 

R1 - Verification : 

R1 # show ipv6 route 

IPv6 Routing Table - default - 6 entries 

Codes: C - Connected, L - Local, S - Static, U - Per-user Static route 
B - BGP, HA - Home Agent, MR - Mobile Router, R - RIP 
II - ISIS LI, 12 - ISIS L2, IA - ISIS interarea, IS - ISIS summary 
D - EIGRP, EX - EIGRP external, NM - NEMO, ND - Neighbor Discovery 


CCNA Lab Manual 


Page | 162 


www.zoomgroup.com 


0 



ZOOM 


TECH NOLOGIE! 


0 - OSPF Intra, 01 - OSPF Inter, 0E1 - OSPF ext 1, 0E2 - OSPF ext 2 
ONI - OSPF NSSA ext 1, 0N2 - OSPF NSSA ext 2 
C 2001:l::/64 [0/0] 

via GigabitEthernetO/O, directly connected 
L 2001:1::1/128 [0/0] 

via GigabitEthernetO/0, receive 
O 2001:2::/64 [110/1] 

via GigabitEthernetO/0, directly connected 
C 2001:3::/64 [0/0] 

via GigabitEthernetO/1, directly connected 
L 2001:3::1/128 [0/0] 

via GigabitEthernetO/1, receive 
L FF00::/8 [0/0] 
via NullO, receive 
Rl# 


R2 - Verification : 

R2 # show ip route 

IPv6 Routing Table - default - 6 entries 

Codes: C - Connected, L - Local, S - Static, U - Per-user Static route 
B - BGP, HA - Home Agent, MR - Mobile Router, R - RIP 
II - ISIS LI, 12 - ISIS L2, IA - ISIS interarea, IS - ISIS summary 
D - EIGRP, EX - EIGRP external, NM - NEMO, ND - Neighbor Discovery 
O - OSPF Intra, Ol - OSPF Inter, OE1 - OSPF ext 1, OE2 - OSPF ext 
ONI - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2 
0 2001:l::/64 [110/1] ^ f 

via GigabitEthernetO/O, directly connected 
C 2001:2::/64 [0/0] 

via GigabitEthernetO/0, directly connected 
L 2001:2::1/128 [0/0] 

via GigabitEthernetO/0, receive 
C 2001:3::/64 [0/0] 

via GigabitEthernetO/1, directly connected 
L 2001:3::2/128 [0/0] 

via GigabitEthernetO/1, receive 
L FF00::/8 [0/0] 
via NullO, receive 
R2 # 

Verify communication between the networks 


Verification from a Computer in Rl Network 

ping 2001:2::10 

Pinging 2001:2::10 with 32 bytes of data: 
Reply from 2001:2::10: time<lms 
Reply from 2001:2::10: time<lms 
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Reply from 2001:2::10: timeclms 
Reply from 2001:2::10: time<lms 

Verification from a Computer in R2 Network 

ping 2001:1::10 

Pinging 2001:1::10 with 32 bytes of data: 
Reply from 2001:1::10: timeclms 
Reply from 2001:1::10: timeclms 
Reply from 2001:1::10: timeclms 
Reply from 2001:1::10: timeclms 


Configure EIGRP v6 routing 


Rl- Configuration 
R1 # configure terminal 

Enter configuration commands, one per line. End with CNTL/Z. 
Rl (config) # ipv6 unicast-routing 
Rl (config) # ipv6 router eigrp 10 
Rl (config-router) # router-id 1.1. 1.1 
Rl (config-router) # exit 

Rl (config) # interface Gi0/0 
Rl (config-if) # ipv6 eigrp 10 
Rl (config-if) # exit 
Rl (config) # interface Gi0/1 
Rl (config-if) # ipv6 eigrp 10 
Rl (config-if) # exit 
Rl (config) # exit 

R2- Configuration 
R2 # configure terminal 

Enter configuration commands, one per line. End with CNTL/Z. 
R2 (config) # ipv6 unicast-routing 
R2 (config) # ipv6 router eigrp 10 
R2 (config-router) # router-id 2.2.2.2 
R2 (config-router) # exit 

R2 (config) # interface Gi0/0 
R2 (config-if) # ipv6 eigrp 10 
R2 (config-if) # exit 
R2 (config) # interface Gi0/1 
R2( config-if) # ipv6 eigrp 10 
R2 (config-if) # exit 
R2 (config) # exit 
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Verify EIGRP v6 routing 


Once EIGRP routing is enabled, IP Networks learned through EIGRP are added into the routing 
information table. "D" represents EIGRP route. 

R1 - Verification : 

R1 # show ipv6 route 

IPv6 Routing Table - default - 6 entries 

Codes: C - Connected, L - Local, S - Static, U - Per-user Static route 
B - BGP, HA - Home Agent, MR - Mobile Router, R - RIP 
II - ISIS LI, 12 - ISIS L2, IA - ISIS interarea, IS - ISIS summary 
D - EIGRP, EX - EIGRP external, NM - NEMO, ND - Neighbor Discovery 
0 - OSPF Intra, 01 - OSPF Inter, 0E1 - OSPF ext 1, 0E2 - OSPF ext 2 
ONI - OSPF NSSA ext 1, 0N2 - OSPF NSSA ext 2 
C 2001:l::/64 [0/0] 

via GigabitEthernetO/O, directly connected 
L 2001:1::1/128 [0/0] 

via GigabitEthernetO/O, receive 
D 2001:2::/64 [90/28416] 

via FE80::214:1CFF:FECA:3EB1, GigabitEthernetO/1 
C 2001:3::/64 [0/0] 

via GigabitEthernetO/1, directly connected 
L 2001:3::1/128 [0/0] 

via GigabitEthernetO/1, receive 
L FF00::/8 [0/0] 
via NullO, receive 
Rl# 

R2- Verification : 

R2 # show ipv6 route 

IPv6 Routing Table - default - 8 entries 

Codes: C - Connected, L - Local, S - Static, U - Per-user Static route 
B - BGP, HA - Home Agent, MR - Mobile Router, R - RIP 
II - ISIS LI, 12 - ISIS L2, IA - ISIS interarea, IS - ISIS summary 
D - EIGRP, EX - EIGRP external, NM - NEMO, ND - Neighbor Discovery 
O - OSPF Intra, Ol - OSPF Inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2 
ONI - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2 
D 2001:l::/64 [90/28416] 

via FE80::213:C4FF:FEDD:CF01, GigabitEthernetO/1 
C 2001:2::/64 [0/0] 

via GigabitEthernetO/O, directly connected 
L 2001:2::1/128 [0/0] 

via GigabitEthernetO/O, receive 
C 2001:3::/64 [0/0] 

via GigabitEthernetO/1, directly connected 
L 2001:3::2/128 [0/0] 

via GigabitEthernetO/1, receive 
L FF00::/8 [0/0] 
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via NullO, receive 
R2# 

Configure Static Routing 

Rl- Configuration 
R1 # configure terminal 

Enter configuration commands, one per line. End with CNTL/Z. 
Rl (config) # ipv6 route 2001:2::/64 2001:3::2 
Rl (config) # exit 

R2- Configuration 
R2 # configure terminal 

Enter configuration commands, one per line. End with CNTL/Z. 
R2 (config) #ipv6 route 2001:l::/64 2001:3::1 
R2 (config) # exit 
R2 (config) # 


Verify Static Routing 

Once Static routing is enabled, IP Network defined through the Static routing command are added 
into the routing information table. "S" represents Static route. 

Rl - Verification : 

Rl # show ipv6 route 

IPv6 Routing Table - default - 6 entries 

Codes: C - Connected, L - Local, S - Static, U - Per-user Static route 
B - BGP, HA - Home Agent, MR - Mobile Router, R - RIP 
II - ISIS LI, 12 - ISIS L2, IA - ISIS interarea, IS - ISIS summary 
D - EIGRP, EX - EIGRP external, NM - NEMO, ND - Neighbor Discovery 
0 - OSPF Intra, 01 - OSPF Inter, 0E1 - OSPF ext 1, 0E2 - OSPF ext 2 
ONI - OSPF NSSA ext 1, 0N2 - OSPF NSSA ext 2 
C 2001 :l::/64 [0/0] 

via GigabitEthernetO/O, directly connected 
L 2001:1::1/128 [0/0] 

via GigabitEthernet0/0, receive 
S 2001:2::/64 [1/0] 
via 2001:3::2 
C 2001:3::/64 [0/0] 

via GigabitEthernetO/1, directly connected 
L 2001:3::1/128 [0/0] 

via GigabitEthernetO/1, receive 
L FF00::/8 [0/0] 
via NullO, receive 
Rl# 
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R2 - Verification : 

R2 # show ipv6 route 

IPv6 Routing Table - default - 6 entries 

Codes: C - Connected, L - Local, S - Static, U - Per-user Static route 
B - BGP, HA - Home Agent, MR - Mobile Router, R - RIP 
II - ISIS LI, 12 - ISIS L2, IA - ISIS interarea, IS - ISIS summary 
D - EIGRP, EX - EIGRP external, NM - NEMO, ND - Neighbor Discovery 
0 - OSPF Intra, 01 - OSPF Inter, 0E1 - OSPF ext 1, 0E2 - OSPF ext 2 
ONI - OSPF NSSA ext 1, 0N2 - OSPF NSSA ext 2 
S 2001:l::/64 [1/0] 
via 2001:3::1 
C 2001:2::/64 [0/0] 

via GigabitEthernetO/O, directly connected 
L 2001:2::1/128 [0/0] 

via GigabitEthernet0/0, receive 
C 2001:3::/64 [0/0] 

via GigabitEthernetO/1, directly connected 
L 2001:3::2/128 [0/0] 

via GigabitEthernetO/1, receive 
L FF00::/8 [0/0] 
via NullO, receive 
R2# 
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LAB 27: CISCO DISCOVERY PROTOCOL (CDP) 


OBJECTIVE: 

To enable CDP on routers and switches across the network for layer 2 troubleshooting. 


TOPOLOGY: 

Setup Switch connectivity for the lab as below: 



TASK: 

• Enable CDP 

• Verify CDP information 
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Enabling CDP 


SW1 # configure terminal 

Enter configuration commands, one per line. End with CNTL/Z. 

SWl(config)# cdp run 

SW1# 


Verify CDP information 

SW1 - Verification: 


SW1 # show cdp neighbor 

Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge 
S - Switch, H - Host, I - IGMP, r - Repeater, P - Phone 


Device ID 

Local Intrfce 

Holdtme 

Capability 

Platform 

Port ID 

SW2 

Fas 0/24 

127 

SI 

WS-C2950-2 

Fas 0/24 

R2 

Fas 0/19 

145 

RSI 

Cisco 2821 

Gig 0/0 

R3 

Fas 0/13 

124 

RSI 

Cisco 2611 

Fas 0/0 

R1 

Fas 0/14 

142 

R 

2610 

Eth 0/0 


SW1# 

SW1 # show cdp neighbor detail 


Device ID:SW2 
Entry address(es): 

IP address: 192.168.20.51 

Platform: cisco WS-C2950-24, Capabilities: Switch IGMP 

Interface: FastEthernetO/24, Port ID (outgoing port): FastEthernetO/24 

Holdtime : 167 sec 

Version : 

Cisco Internetwork Operating System Software 

IOS (tm) C2950 Software (C2950-I6Q4L2-M), Version 12.1(13)EA1, RELEASE SOFTWARE (fcl) 
Copyright (c) 1986-2003 by cisco Systems, Inc. 

Compiled Tue 04-Mar-03 02:14 by yenanh 

advertisement version: 2 

Protocol Hello: OUI=OxOOOOOC, Protocol ID=0x0112; payload len=27, 
value=00000000FFFFFFFF010221FF000000000000000D28F06840FF0000 
VTP Management Domain: 'zoom' 

Duplex: full 

Management address(es): 


Device ID: R2 
Entry address(es): 

IP address: 10.0.0.2 

Platform: Cisco 2821, Capabilities: Router Switch IGMP 

Interface: FastEthernetO/19, Port ID (outgoing port): GigabitEthernet0/0 
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Holdtime : 126 sec 
Version : 

Cisco IOS Software, 2800 Software (C2800NM-ADVENTERPRISEK9-M), Version 15.1(3)12, RELEASE 
SOFTWARE (fcl) 

Technical Support: http://www.cisco.com/techsupport 
Copyright (c) 1986-2011 by Cisco Systems, Inc. 

Compiled Wed 10-Aug-ll 05:17 by prod_rel_team 

advertisement version: 2 
VTP Management Domain: " 

Duplex: full 

Management address(es): 


Device ID: R3 
Entry address(es): 

IP address: 10.0.0.3 

Platform: Cisco 2611XM, Capabilities: Router Switch IGMP L. 3 

Interface: FastEthernetO/13, Port ID (outgoing port): FastEthernetO/O 
Holdtime : 165 sec 

Version : 

Cisco IOS Software, C2600 Software (C2600-ADVENTERPRISEK9-M), Version 12.4(19), RELEASE 
SOFTWARE (fcl) 

Technical Support: http://www.cisco.com/techsupport 
Copyright (c) 1986-2008 by Cisco Systems, Inc. 

Compiled Fri 29-Feb-08 19:23 by prod_rel_team 

advertisement version: 2 
VTP Management Domain: " 

Duplex: full 

Management address(es): 


Device ID: R1 
Entry address(es): 

IP address: 10.0.0.1 

Platform: cisco 2610, Capabilities: Router 

Interface: FastEthernetO/14, Port ID (outgoing port): EthernetO/O 
Holdtime : 122 sec 

Version : 

Cisco Internetwork Operating System Software 

IOS (tm) C2600 Software (C2600-IS-M), Version 12.1(4), RELEASE SOFTWARE (fcl) 
Copyright (c) 1986-2000 by cisco Systems, Inc. 

Compiled Wed 30-Aug-00 14:11 by cmong 

advertisement version: 2 
Duplex: half 

Management address(es): 
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LAB 28: DHCP SERVER 


OBJECTIVE: 


To configure a Router as a DHCP Server for assigning IP addresses, DNS, gateway, etc. to client 
computers. 

To create a pool of addresses (10.0.0.0 subnet mask 255.0.0.0), set the DNS server to 8. 8. 8. 8 
, gateway to 10.0.0.2 and exclude 10.0.0.50 and 10.0.0.100 , so that these are not alloted by the 
DHCP server 

TOPOLOGY: 

Setup the router for the lab as below: 



TASK: 

• Configure DHCP Server 

• Verify DHCP configuration 
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R1 - Configuration 

R1 (config) # ip dhcp pool zoom 
R1 (dhcp-config) # network 10.0.0.0 255.0.0.0 
R1 (dhcp-config) # default-router 10.0.0.1 
R1 (dhcp-config) # dns-server 8. 8.8. 8 
R1 (dhcp-config) # lease 111 
R1 (dhcp-config) # exit 

R1 (config) # ip dhcp excluded-address 10.0.0.50 10.0.0.100 

R1 (config)# exit 


Verify DHCP configuration 

On Windows Computer, Select Obtain IP Address Automatically in Network Properties and verify 
the dhcp ip address by giving ipconfig command on command prompt. 


On Linux Computer give below commands 
# dhclient 

Internet Systems Consortium DHCP Client V3.0.6 
Copyright 2004-2007 Internet Systems Consortium. 

Sending on LPF/eth0/00:lb:b9:9a:16:8d 
Sending on Socket/fallback 

DHCPDISCOVER on ethO to 255.255.255.255 port 67 interval 8 
DHCPOFFER from 10.0.0.2 

DHCPREQUEST on ethO to 255.255.255.255 port 67 

DHCPACK from 10.0.0.2 

bound to 10.0.0.5 -- renewal in 40650 seconds. 


# ifconfig 

ethO Link encap:Ethernet HWaddr 00:1B:B9:9A:16:8D 
inet addr:10.0.0.5 Bcast:10.255.255.255 Mask:255. 0.0.0 

UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:l 
RX packets:9263 errors:0 dropped:0 overruns:0 frame:0 


R1 - Verification : 

R1 # show ip dhcp binding 

Bindings from all pools not associated with VRF: 


IP address 

Client-1 D/ 
Hardware address/ 
User name 

Lease expiration 

Type 


10.0.0.4 

001c.c06c.91f3 

Jul 27 2015 02:21 PM 

Automatic 


10.0.0.5 

001b.b99a.168d 

Jul 27 2015 02:25 PM 

Automatic 
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LAB 29: SYSLOG 


OBJECTIVE: 

To configure Logging on router and sending logs to a syslog server. 


TOPOLOGY: 


Setup Ethernet connectivity for the lab as below : 




Computer IP Address 
10 . 0 . 0.11 


Pre-requisite: 10.0.0.11 computer should have Syslog server software installed and running. 

TASK: 

• Configure logging to Syslog Server 

• Configure logging to Buffer 

• Generate and Verify Syslog Messages 
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Configure Logging to Svslog Server 

Rl- Configuration 

R1 (config) # logging on 
Rl (config) # logging host 10.0.0.11 
Rl (config) # logging trap 7 
Rl(config) # 

Configure Logging to Buffer 

Rl - Configuration 

Rl (config) # logging on 
Rl (config) # logging buffered 7 
Rl(config) # 

Generate and Verify Svslog Messages 

Rl (config) # interface serial 0/0/0 
Rl (config-if) # shutdown 
Rl (config-if) # noshutdown 
Rl (config-if) # A Z 
Rl# 

Rl - Verification: 

Rl # show logging 

Syslog logging: enabled (0 messages dropped, 3 messages rate-limited, 0 flushes, 0 overruns) 

No Active Message Discriminator. 

No Inactive Message Discriminator. 

Console logging: disabled 

Monitor logging: level debugging, 0 messages logged, xml disabled, 
filtering disabled 

Buffer logging: level debugging, 7 messages logged, xml disabled, 
filtering disabled 

Exception Logging: size (4096 bytes) 

Count and timestamp logging messages: disabled 
Persistent logging: disabled 

No active filter modules. 

Trap logging: level informational, 45 message lines logged 
Logging to 10.0.0.11 (udp port 514, audit disabled, link up), 

9 message lines logged, 

0 message lines rate-limited, 

0 message lines dropped-by-MD, 
xml disabled, sequence number disabled 
filtering disabled 
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Log Buffer (4096 bytes): 


*Jul 28 11:51:26.447: %SYS-5-CONFIG_l: Configured from console by console 

*Jul 28 11:52:11.563: %LINK-5-CHANGED: Interface Serial0/0/0, changed state to administratively 

down 

*Jul 28 11:52:11.567: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0/0, changed 
state to dn 

*Jul 28 11:52:28.639: %SYS-5-CONFIG_l: Configured from console by console 

*Jul 28 11:52:29.487: %LINK-3-UPDOWN: Interface Serial0/0/0, changed state to up 

Rl# 


Verification on Svslog Server (PC) : 

Start Syslog software to view the syslog's messages as below : 


^ Tftpd32 by Pn. Jojnirij 

Ci/rent Directory 
Server nterfaee 1 1 0 0.0 11 


Sjrslog server | Log viewer | 

text 


| <1 89>42: Cl 21 55 £SYS-5-C3NF GJ: Con igured from console by vtyQ (1 92 "68.2.1 1 ) 


<1 88>1 : “Jul 29 1 3:23:39.971 : 2IP-4-D0PADDR: Duplcate address 10.0.0.1 on GrgabitEthernetO/0, sourced by 1 0bt.4877.9ebf 
<1 90>2: “Jul 2913:23:40.971: XSYS-6-L0GGINGH0ST _STARTST0P: LDoairo to host 10.0 0.11 port 51 4 started - CLI intiated 
<1 89>69: Mar '1 0C 39 52 757: 2SYS-5-C0NFIGJ: Configured from console by vtyO (1 92 1G8.3.10) 

<190>70: Mar 11 00:39:53.750: &SYS6 LOGGINGHOST S TART 9 TOP: Logging to host IQ 0.0.1 1 started CLI initiated 

<1 89>71 : Mar 11 00:40:28.491: %DUAL-5-NBRCHANGE:~P-EIGRP0] 10 Neghbor 172.18.0.2 (Seria070)is down: interface down 

<187>43: 01:2622. 2LINK.-3-0PD0WN: Interface SeralO/Y changed stale to down 

<189>72: Mar 11 00:40:30.463: %LINK-5-CHANGED: Interface SerialO/0 chanaed state to admiristratvelv down 

<189>44: 01:2623: 2UNEPROTO-5-UPDOWN: Line protocol cn Interface SerialOTI. changed state to down 

<189>73: Morll 00:40:31.404: SiLINEPROTO 5UPD0V/N: Line protocol on Interface SeriolO/O, changed stole to down 

<187>45: 01:2645: 2LINK-3-UPD0WN: Interface SeralO/1, changed sta'e to up 

<187>74: Marll 00:40:53.669: ^LINK-3-UPD0WN: interface SenaO/O, charged state to up 

<189>75: Marll 00:40:54.670: %LI N EPR 0 T 0 -5-U PO OWN : Line protocol on Interface SerialO/0 changed state to ip 

<189>46: 01:2646: 2LINEPR3T0 5-UPDOWN: Line protocol on Interlace SerialOTI, changed state to up 

<1 09>7G: Mar 11 00:40:59.421: *DUAL 5 NOR CHANGE: IP-EIGRP|0) 10: Neghbor 173.10.3.2 (Serio070)is up nevr adjacensy 


frcm 

date 

172.1601 

29/07 1 3:18 15 741 

100.0.1 

29/07 1 3:20:26.485 

100.0.1 

29707 13:20:27.486 

172.170.2 

2970 7 13:22:05 354 

172.170.2 

29707 1 3:22:06.390 

172.170.2 

29/07 1 3:22:40 879 

172160.1 

29/07 13:22:43.063 

172.170 2 

29/07 1 3:22:43 062 

172.160.1 

2970713:2243.079 

172.170.2 

29707 13:22:43.075 

172160.1 

29/07 1 3:23:06 263 

172.170.2 

29/0? 13:23:06.278 

172.170.2 

29/07 1 3:23:06 294 

172.1601 

29/07 1 3:23:07.277 

172.170.2 

29707 1 3:23:09.024 


* 
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.TECHNOLOGIES. 


LAB 30: PASSWORD RECOVERY 


OBJECTIVE: 

To get access to a router's privilegd mode in case the enable password is forgotten. 
To reset the Privilege / Enable mode password of Cisco Router. 


TOPOLOGY: 

Setup Console and Ethernet connectivity for the lab as below: 

Console 
x 

G0/0 s 

10 . 0 . 0 . 1/8 

\ 
\ 
I 
I 
I 

/ 

/ 

✓ 

✓ 


Computer IP Address 
10 . 0 . 0.10 

TASK: 

• Establish console connectivity 

• Access router via console with an emulation software 

• Enter Rom Monitor Mode and Change Register Value 

• Load saved configuration to the router (i.e. NVRAM to RAM) 

• Reconfigure Privilege Mode / Enable Password 

• Reset the Configuration Register Value back to the default: 

• Enable the Ethernet interface: 

• Save configuration to the router and restart the router 

• Verify login to the router using new password 
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TECH NOLOGIES. 


Establish console connectivity 

Establish console connectivity by connecting router console port to PC Com Port with console cable. 


Access router via console with an emulation software 

Configure the following parameters in emulation software for accessing switch via console port. 


Parameters 

Console Port Settings 

Baud 

9600 

Data bits 

8 

Parity 

None 

Stop bits 

1 


Accessing router via console from Microsoft Windows Computer 

• Start a terminal emulator application, such as PUTTY.exe 

• Select Serial option and set speed to 9600. 

• Click Open 



• Once emulation software is ready, Power-ON the switch. 


Accessing router via console from Linux Computer 

• From the terminal enter the below command 

# minicom 
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TECH N OLOG IE! 


Enter Rom Monitor Mode and Change Configuration Register Value 


Once emulation software is ready, Press "Ctrl + Break" within 60 sec after POWER-ON. Router will 
Enter Rom monitor mode. 


rommon 1> 

Configure Register Value 0x2142 to skip executing the startup configuration from nvram during 
bootup. 

rommon 1 > confreg 0x2142 

rommon 2 > reset 

After the Router boots-up completely, it enters setup mode as below: 

System Configuration Dialog 

Would you like to enter the initial configuration dialog? [Yes/no]: no 
Would you like to terminate autoinstall? [yes]: yes 

If you choose "Yes", IOS will prompt questions to gather the information to configure the Router, it 
is recommended to choose "no", since we can configure the Router using IOS commands 

Router >enable 

Load saved configuration to the router 

Router # copy startup-config running-config 

Destination filename [running-config]? 

Rl# 

Reconfigure Privilege Mode / Enable Password 

Since we are already in the privilege mode, we can setup a new privilege password. 

Rl # configure terminal 
Rl (config) # enable secret cisco 
Rl (config) # exit 

Reset the Configuration Register Value back to the default: 

Rl (config)# config-register 0x2102 

Enable the Ethernet interface: 

Rl (config)# interface GibaitEthernet0/0 

Rl (config-if)# no shutdown 
IN D(config-if)# A Z 

Similarly apply the "no shutdown" command on all required interface 
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TECH NOLOGIE! 


Saving configuration to the router and restart the router 

To save configuration on router 

R1 # copy running-config startup-config 

Destination filename [startup-config]? 

Building configuration... 

[OK] 

Rl# 


R1 # reload 

Verify login to the router using new password 

• Access router via telnet and Enter privilege mode using new password. 

telnet 10.0.0.1 



u * 




- (Mitto <•» ^ Mnw* U*fii 


lu h tl: :B 
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.TECHNOLOGIES. 


LAB 31: IOS / CONFIGURATION BACKUP 


OBJECTIVE: 

To take backup of the IOS and the Router Configuration 


TOPOLOGY: 

Setup Ethernet connectivity for the lab as below: 



£ 


EO 

10 . 0 . 0 . 1/8 


Switch 


A 



Computer IP Address 
10 . 0 . 0.10 


Pre-requisite: 10.0.0.10 computer should have TFTP server software installed and running. 


TASK: 

• Create a backup of Router Configuration 

• Verify Configuration file on TFTP server 

• Create a Backup of Router IOS 

• Verify IOS file on TFTP server 
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Backup of Router Configuration 


R1 # copy startup-config tftp 

Address or name of remote host []? 10.0.0.10 
Destination filename [rl-confg]? Rl-start 
M 

807 bytes copied in 0.48 secs 
Rl# 


Verify backup configuration file on TFTP server 

Verify the Configuration file on TFTP server, default path is C:\Program Files\Cisco Systems\Cisco 
TFTP Server 


Backup of Router IQS 

Rl # show flash 

System flash directory: 

File Length Name/status 
1 7496864 C2800-IS-MZ_151-4.BIN 

[7496928 bytes used, 9280288 available, 16777216 total] 
16384K bytes of processor board System flash (Read/Write) 


Rl # copy flash tftp 

Source filename []? C2800-IS-MZ_151-4.BIN 
Address or name of remote host []? 10.0.0.10 


Destinat 


on f 


lename [C2800-IS-MZ_151-4.BIN]? 


7496864 bytes copied in 40.254 secs (187421 bytes/sec) 

Rl# 

Verify backup IQS file on TFTP server 

Verify the IOS file on TFTP server, default path is C:\Program Files\Cisco Systems\Cisco TFTP Server 
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TECHNOLOGIES^ 


LAB 32: IOS Licensing 


OBJECTIVE: 

To understand and install Cisco IOS license on router 


TOPOLOGY: 

Setup Ethernet connectivity for the lab as below: 



£ 


EO 

10 . 0 . 0 . 1/8 


Switch 


A 



Computer IP Address 
10 . 0 . 0.10 


Pre-requisite: 10.0.0.10 computer should have TFTP server software installed and running. 


TASK: 

• Verify Cisco IOS License 

• Install License on Cisco Router 
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Verify Cisco IQS License 


R1 # show license 
Index 1 Feature: ipbasek9 
Period left: Life time 
License Type: Permanent 

License State: Active, In Use 
License Count: Non-Counted 
License Priority: Medium 
Index 2 Feature: securityk9 
Period left: Life time 
License Type: Permanent 
License State: Active, In Use 
License Count: Non-Counted 
License Priority: Medium 
Index 3 Feature: uck9 

Period left: Not Activated 
Period Used: 0 minute 0 second 
License Type: EvalRightToUse 
License State: Not in Use, EULA not accepted 
License Count: Non-Counted 
License Priority: None 
Index 4 Feature: datak9 
Period left: 8 weeks 3 days 
Period Used: 2 hours 44 minutes 
License Type: Evaluation 

! 

<output omitted> 

! 

Rl# 

R1 # show license udi 

Device# PID SN UDI 


*0 CISC02911/K9 FGL161710K3 CISCO2911/K9:FGL161710K3 

Rl# 

Installing License on Cisco Router 

Rl # license install tftp:FGL161710K3.lic 
Source filename []?FGL161710K3.lic 
Address or name of remote host []? 10.0.0.10 
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! 
lnstalling...Feature:datak9...Successful:Supported 
1/1 licenses were successfully installed 

Rl# 

Note: Reload the router and verify license is installed using show license command. 
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TECHNOLOGIES^ 


LAB 33: PPP AUTHENTICATION 


OBJECTIVE: 

To enable PPP authentication between routers 


TOPOLOGY: 

Setup Ethernet and Serial connectivity for the lab as below: 







G0/0 


Switch 


J [ 





Interface IP Address / Mask 


G0/0 10.0.0.1/8 

S0/0/1 172.16.0.2/16 


TASK: 

• Configure Serial Interface 

• Verify Serial Interface Configuration 

• Configure PPP Authentication (CHAP) 

• Verify Serial Interface set up 

• Troubleshoot PPP Authentication 
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Configure Serial Interface 



ZOOM 


TECH N OLOG IE! 


Rl- Configuration 
R1 # configure terminal 

Enter configuration commands, one per line. End with CNTL/Z. 

Rl (config)# interface serial 0/0 

Rl (config-if)# ip address 172.16.0.1 255.255.0.0 

Rl (config-if)# no shutdown 

Rl (config-if)# clock rate 64000 

Rl (config-if)# encapsulation ppp 

Rl (config-if)# exit 

Rl (config)# 

R2- Configuration 
R2 # configure terminal 

Enter configuration commands, one per line. End with CNTL/Z. 

R2 (config)# interface serial 0/0/1 

R2 (config-if)# ip address 172.16.0.2 255.255.0.0 

R2 (config-if)# no shutdown 

R2 (config-if)# encapsulation ppp 

R2 (config-if)# exit 

R2 (config)# exit 


Verify Serial Interface Configuration 

Rl - Verification 

Rl # show interface serial 0/0 
Serial0/0 is up, line protocol is up 
Hardware is PowerQUICC Serial 
Internet address is 172.16.0.1/16 
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usee, 
reliability 255/255, txload 1/255, rxload 1/255 
Encapsulation PPP, loopback not set 
Keepalive set (10 sec) 

LCP Open 

Open: IPCP, CDPCP 
! 

<output omitted> 

! 

Rl# 


CCNA Lab Manual 


Page | 185 


www.zoomgroup.com 


0 



ZOOM 
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R2 - Verification : 

R2 # show interface serial 0/0/1 
Serial0/0/l is up, line protocol is up 
Hardware is GT96K Serial 
Internet address is 172.16.0.2/16 
MTU 1500 bytes, BW 1544 Kbit/sec, DLY 20000 usee, 
reliability 255/255, txload 1/255, rxload 1/255 
Encapsulation PPP, loopback not set 
Keepalive set (10 sec) 

LCP Open 

Open: IPCP, CDPCP 
! 

<output omitted> 

! 

R2 # 

Configure PPP Authentication (CHAP) 


Rl- Configuration 
R1 # configure terminal 

Enter configuration commands, one per line. End with CNTL/Z. 

Rl (config) # username R2 password cisco 

Rl (config) # interface serial 0/0 

Rl (config-if) # ppp authentication chap 

Rl (config-if) # A Z 

Rl# 

R2- Configuration 
R2 # configure terminal 

Enter configuration commands, one per line. End with CNTL/Z. 

R2 (config) # username Rl password cisco 

R2 (config) # interface serial 0/0/1 

R2 (config-if) # ppp authentication chap 

R2 (config-if) # A Z 

R2 # 


Verify Serial Interface 


Rl- Verification 

Rl # show interface serial 0/0 

Serial0/0 is up, line protocol is up 
Hardware is PowerQUICC Serial 
Internet address is 172.16.0.1/16 
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usee, 
reliability 240/255, txload 1/255, rxload 1/255 
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Encapsulation PPP, loopback not set 
Keepalive set (10 sec) 

LCP Open 

Open: IPCP, CDPCP 
! 

coutput omitted> 

! 

Rl# 


R2 - Verification : 

R2 # show interface serial 0/0/1 
Serial0/0/l is up, line protocol is up 
Hardware is GT96K Serial 
Internet address is 172.16.0.2/16 
MTU 1500 bytes, BW 1544 Kbit/sec, DLY 20000 usee, 
reliability 255/255, txload 1/255, rxload 1/255 
Encapsulation PPP, loopback not set 
Keepalive set (10 sec) 

LCP Open 

Open: IPCP, CDPCP 
! 

coutput omitted> 

! 

R2 # 

Troubleshooting PPP Authentication 

After enabling PPP authentication, if you see the following output means, it means there is a 
problem with authentication configuration. 

Rl # show interface serial 0/0 
Serial0/0 is up, line protocol is down 
Hardware is PowerQUICC Serial 
Internet address is 172.16.0.1/16 
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usee, 
reliability 246/255, txload 1/255, rxload 1/255 
Encapsulation PPP, loopback not set 
Keepalive set (10 sec) 

LCP TERMsent 
Closed: IPCP, CDPCP 
! 

coutput omitted> 

! 

Rl# 
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.TECHNOLOGIES. 


CHALLENGE LAB 


NAT -QUESTION 

A network associate is configuring a router for the XYZ company to provide internet access. The ISP 
has provided the company 4 public IP addresses from 202.1.0.19 201.1.0.22. The company has 14 
hosts that need to access the internet simultaneously. The hosts in the company LAN have been 
assigned private space addresses in the range of 192.168.2.17 - 192.168.2.30. 


The following has already been configured on the router : 


• The basic router configuration 

• The appropriate interfaces have been configured for NAT inside and NAT outside 

• The appropriate static routes have also been configured 

• All passwords have been temporarily set to "cisco" 

Topology: 

Connectivity and IP address for the lab are as below: 



E0/0 


/ 


Switch 



1 





S0/0/1 




Interface 

IP Address / Mask 

SO/O/1 

202.1.0.17/29 
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TECH NOLOGIE! 


NAT -SOLUTION 


Verify Existing R1 Configuration 


R1 # show running-config 

Using 791 bytes 
! 

version 15.1 

no service timestamps log datetime msec 
no service timestamps debug datetime msec 
no service password-encryption 
! 

hostname R1 
! 

enable password cisco 
! 

interface EthernetO/O 

ip address 192.168.2.1 255.255.255.0 

ip nat inside 

duplex auto 

speed auto 

interface Serial0/0/0 
ip address 202.1.0.18 255.255.255.248 
ip nat outside 
! 

ip route 0.0. 0.0 0.0. 0.0 Serial0/0/0 
! 

line con 0 
! 

line aux 0 
! 

line vty 0 4 
password zoom 
login 


end 
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The XYZ company has 14 hosts that need to access the internet simultaneously but we just have 4 
public IP addresses from 202.1.0.19 to 202.1.0.22/29. So we need to configure NAT overload (or 
PAT). 


Create a NAT pool of global addresses to be allocated with their netmask. i.e. /29 = 

255.255.255.248 

R1 (config) # ip nat pool mypool 202.1.0.19 202.1.0.22 netmask 255.255.255.248 

Create a standard access control list that permits the addresses that are to be translated 

R1 (config) # access-list 1 permit 192.168.2.16 0.0.0.15 

Establish dynamic source translation, specifying the access list that was defined in the prior step 

R1 (config) # ip nat inside source list 1 pool mypool overload 

This command translates all source addresses that match theaccess list 1 i.e. source address from 
192.168.2.17 to 192.168.2.30, into an address from the pool named mypool i.e. the pool of ip 
addresses from 202.1.0.19 to 202.1.0.122, Overload keyword allows mapping multiple IP addresses 
to a single registered IP address (many-to-one) by using different ports 

Verify NAT inside and NAT outside statements are configured on correct interfaces. 

R1 (config)# interface E0/0 
R1 (config-if)# ip nat inside 
R1 (config-if)# exit 
R1 (config)# interface S0/0 
R1 (config-if)# ip nat outside 
R1 (config-if)# exit 

Save the configuration using below command 

Rl# copy running-config startup-config 

Verify configuration from a Computer: 

ping 202.1.0.17 

The ping should work and you should get reply packets. 
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EIGRP- QUESTION 

After adding R3 router, no routing updates are being exchanged between R2 and the new location. 
All other inter connectivity and Internet access for the existing locations of the company are working 
properly. 

The task is to identify the fault(s) and correct the router configuration to provide full connectivity 
between the routers. All passwords on all routers are "cisco" 


Topology: 


Connectivity and IP address for the lab are as below : 



Interface 

IP Address / Mask f 

to/o 

192.168.2.1/24 

SO/C 

172.16.0.1/16 



IP Address /Mask j 

GO/O 

10.0.0.1/8 

50/0/0 

172.17.0.1/16 

SO/O/1 

172.16.0.2/16 


jj Interface 

IP Address / Mask 

FO/D 

192.168.3.1/24 

SO/1 

172.17.0.2/16 
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TECH N OLOG IE! 


Verify Existing R1 Configuration 

R1 # show running-config 

Rl#sh running-config 
Building configuration... 

Current configuration : 837 bytes 
! 

version 15.1 

no service timestamps log datetime msec 
no service timestamps debug datetime msec 
no service password-encryption 
! 

hostname R1 
! 

<output omitted> 

! 

interface EthernetO/O 

ip address 192.168.2.1 255.255.255.0 

duplex auto 

speed auto 

! 

interface SerialO 

ip address 172.16.0.1 255.255.0.0 
clock rate 64000 

! 

router eigrp 10 
network 172.16.0.0 
network 192.168.2.0 
no auto-summary 

! 

<output omitted> 

! 

! 

end 

Verify Existing R2 Configuration 

R2 # sh running-config 

Building configuration... 

Current configuration : 868 bytes 
! 

version 15.1 

no service timestamps log datetime msec 
no service timestamps debug datetime msec 
no service password-encryption 
! 

hostname R2 
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| 

<output omitted> 

! 

! 

interface GigabitEthernetO/O 
ip address 10.0.0.1 255.0.0.0 
duplex auto 
speed auto 

! 

interface Serial0/0/0 

ip address 172.16.0.2 255.255.0.0 

! 

interface Serial0/0/l 

ip address 172.17.0.1 255.255.0.0 

clock rate 64000 

! 

router eigrp 10 
passive-interface Serial0/0/l 
network 10.0.0.0 
network 172.16.0.0 
no auto-summary 

! 

<output omitted> 

! 

end 

Verify Existing R3 Configuration 

R3 # sh running-config 

Building configuration... 

Current configuration: 819 bytes 
! 

version 15.1 

no service timestamps log datetime msec 
no service timestamps debug datetime msec 
no service password-encryption 
! 

! 

hostname R3 
! 

<output omitted> 

! 

interface GigabitEthernet0/0 
ip address 192.168.3.1 255.255.255.0 
duplex auto 
speed auto 

! 

interface Serial0/0/0 

ip address 172.17.0.2 255.255.0.0 

! 

router eigrp 11 
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network 192.168.3.0 
network 172.17.0.0 
no auto-summary 

! 

ip classless 
! 

coutput omitted> 

! 

end 

From the above outputs, we now know that router R3 is wrongly configured with an AS No. 11 and 
all other routers are configured with AS No. 10. Whenever the AS numbers among routers are 
mismatched, no adjacency is formed. 


To resolve this issue, simply re-configure EIGRP commands on router R3 : 

R3 >enable 

R3 # configure terminal 
R3 (config)# no router eigrp 11 
R3 (config)#router eigrp 10 
R3 (config-router)# network 192.168.3.0 
R3 (config-router)# network 172.17.0.0 
R3 (config-router)# no auto-summary 
R3 (config-router)# end 

Save the configuration using the command below 

R3# copy running-config startup-config 

From the R2 output, we had found out 2 issues 

• All networks on R2 are not advertised in EIGRP configuration. 

• passive-interface command given for the interface connected to R3 router 


Advertise Missing Networks in EIGRP Configuration 

R2 >enable 

R2 # configure terminal 
R2 (config)# router eigrp 10 
R2 (config-router)# network 172.17.0.0 
R2 (config-router) # end 

Disable Passive Interface command for interface connected to R3 router 

R2 (config) # router eigrp 10 

R2 (config-router) # no passive-interface serial 0/0/1 
R2 (config-router) # end 
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Save the configuration using below command 

R2 # copy running-config startup-config 


Check the routing table on R3. You should now be able to see all the routes. 
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Duration: 2 Weeks | 4 Hrs Per Day (starts on 30* of every month) 
Batches: Morning: 7.30 or Evening: 6.00 


CCIE SECURITY 


(Pre requisite is CCNA & CCNP Security at ZOOM) 


CISCO CERTIFIED INTERNETWORK - SECURITY. 


Duration: 1 Month | 4 Hrs Per Day 

Batches: (Contact the Counselors for the next available batch) 


Fees: ? 2,500/- 

+ 14% Service Tax 



Fees: 2,500/- 

+ 14% Service Tax 



Duration: 2 Weeks | 4 Hrs Per Day (starts on 1 5* & 30* of every month) 
Batches: (Contact the Counselors for the next available batch) 


Fees: ? 2,500/- 

+ 14% Service Tax 


Fees: ^ 7,500/- 

+ 14% Service Tax 


Fees: ^ 9,500/- 

+ 14% Service Tax 


Fees:^1 5,500/- 

+ 14% Service Tax 


VMware vSphere (Pre requisite is MCSE) 

Duration: 1 Month | 4 Hrs Per Day (starts on 1 5* of every month) 
Batches: Morning: 7.30 and Evening: 7.30 


Fees: ? 4,950/- 

+ 14% Service Tax 


VMware vCloud (Pre requisite is VMware vSphere) 

Duration: 1 Week | 4 Hrs Per Day (starts on 1 5* of every month) 


Batches: Morning: 9.30 to 11.30 
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Duration: 2 Weeks | 4 Hrs Per Day 

Batches: (Contact the Counselors for the next available batch) 



Fees: ? 2,500/- 

+ 14% Service Tax 


Fees: ^ 5,500/- 

+ 14% Service Tax 


We also offer the following courses (Contact the Counselors for the next available batch) 

► CCNA Voice @ ^7,500/- ► CCNA Data Center @ ^7,500/- 

► CCNP Voice @ ?9,500/- ► CCNP Data Center 

► CCIE Collaboration @ 5,500/- ► CCIE Data Center 

► IPv6 Migration @ ^5,500/- 


?9,500/- 

5,500/- 


FACULTY 


► All Senior Engineers of Zoom working on Live projects 

* Training Engineers of British Army, CISCO, CMC, GE, BSNL, Tata Teleservices and 
Several Corporates etc for 18 Years. 


www.zoomgroup.com 
















FREE Training 


Zoom Technologies offers a number of free resources for the professional development of network 
engineers. 

Register on our website to get access to the video recordings of live sessions on: 

■ MCSE - Windows Server 201 2 

■ Cisco - CCNA "1 

■ Cisco -CCNP r All Tracks (R & S, Security and Voice) 

■ Cisco -CCIE J 

■ Exchange Server 2013 



- Ethical Hacking and Countermeasure Expert (www.us-council.com) 

Find us at: www.zoomgroup.com 

Like us on Facebook and get access to free online webinars as well as special offers and discounts. 

https://www.facebook.com/ZoomTechnolgies 


Online Training 


Online Training at Zoom is a cost effective method of learning new networking skills from the 
convenience of your home or workplace. 

Taking an online training course has many advantages for everyone (Freshers / Working Professionals). 
Zoom offers online training for the highly coveted CCNA, CCNP and CCIE courses as well as MCSE, 
Linux, VMware, Ethical Hacking and Firewalls, IPv6 with more courses planned for the near future. 
These are live instructor led courses, using Cisco WebEX. Check out our online course offerings at: 

http://zoomgroup.com/online_course 


Job Opportunities 


There is a high demand for network and security professionals at all times. Apart from job opportunities 
in India and the Middle East, network and security administrators are also sought-after in the US and 
Europe. 

If you do not have the right skills, then get them now! Choose the experts in network and security 
training, an organization which has already trained over one hundred thousand engineers. 

For the latest job openings in networking and security, register and upload your resume on: 
http://zoomgroup.com/careers or visit zoom to choose job offering from several multinational 
companies. 
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ABOUT US 


ZOOM Technologies India Pvt. Ltd. is a pioneering leader in network and security train- 
ing, having trained over a hundred thousand engineers over the last two decades. 

We offer a world class learning environment, with state-of-the-art labs which are fully 
equipped with high-end routers, firewalls, servers and switches. All our courses are 
hands-on so you'll get much needed practical experience. 

The difference between us and the competition can be summed up in one simple sen- 
tence. Our instructors are real-time network professionals who also teach. 

Zoom has designed, developed and provided network and security solutions as well as 
training to all the big names in the Indian industry, for the public sector as well as corpo- 
rate leaders. Some of our clients are: 

TATA 

BSNL 

VSNL 

Indian Railways 
National Police Academy 
Air Force Academy 
IPCL- Reliance Corporation 
CMC 

British Army 

No other training institute can boast of a customer base like this. This is the reason for 
the resounding success of our networking courses. If you do not have the right skills, then 
get them now. Come, join the experts! 


Training Centers in Hyderabad, India. 


Banjara Hills 

Ameerpet 

Secunderabad 

Dilsukhnagar 

HDFC Bank Building, 2nd Floor, 

# 203, 2nd Floor, 

Navketan Building, 

1st Floor, # 1 6-1 1 -477/B/1 &B/2, 

Road #12, Banjara Hills, 

HUDA Maitrivanam, Ameerpet, 

5 Floor, # 501 

Shlivahana Nagar, Dilsukhnagar, 

Hyderabad - 500 034 

Hyderabad -500 016 

Secunderabad - 500 003 

Hyderabad - 500 060 

Telangana, 

Telangana, 

Telangana, 

Telangana, 

India. 

India. 

India. 

India. 

Phone: +91 40 23394150 

Phone: +91 40 39185252 

Phone: +91 40 27802461 

Phone: +91-40-24140011 

Email: banjara@zoomgroup.com 

Email: ameerpet@zoomgroup.com 

Email: mktg@zoomgroup.com 

Email: dsnr@zoomgroup.com 


website: www.zoomgroup.com 


